Ticket #496 (closed Bug: invalid)

Opened 18 months ago

Last modified 18 months ago

editor fails to load content with <script> tags in "inline" mode, textarea replace OK

Reported by: Lloyd Owned by:
Priority: Normal Milestone:
Component: General Version: FCKeditor 2.4.2
Keywords: Cc:

Description

Starting the editor with properly-escaped starting "value" does not load content properly when editor is started in "inline" mode, while exactly the same content loads properly in "textarea replace" mode. The following example javascript load data should make the problem clear: 

<script type="text/javascript">
var oFCKeditor = new FCKeditor('edited');
oFCKeditor.BasePath = "/FCKeditor/" ;
oFCKeditor.Config["CustomConfigurationsPath"] = "/myfckconfig.js"  ;
oFCKeditor.Config["BaseHref"] = "http://fckwebedit.anemiaanswer.com/examples/" ;
oFCKeditor.Height = "100%" ;
oFCKeditor.Config["mytop"] = "None" ;
oFCKeditor.Config["mytail"] = "None";
oFCKeditor.Config["mypath"] = "./examples";
oFCKeditor.Config["mytitle"] = "";
oFCKeditor.Config["strict"] = "0";
oFCKeditor.Value = " <p>Standish and Co. (USA) CR Natural, S.A.&nbsp; (Costa Rica)</p> <script type=\"text/javascript\" language=\"javascript\"> <!-- var ANS_customer_id=\"066fc456-c071-48d3-aa1f-0542ead8f44b\";--></script> <p>See also:<br> <b><a href=\"questions-and-answers.htm\">Carao Questions and Answers<br></a></b></p> ";
oFCKeditor.Create();
</script>

Change History

Changed 18 months ago by Lloyd

I should have specified that the failure to load only occurs when there are <script> </script> tags in the text loaded into the editor.

Changed 18 months ago by Lloyd

Browser output for the example data given looks like this:

See also: Carao Questions and Answers '; oFCKeditor.Create();

That is, the FCKeditor is not loaded. The tag <script type="text/javascript"> at the top of my example is being closed by the first </script> tag encountered in 'oFCKeditor.Value', so oFCKeditor.Create(); is not executed.

I simply cannot believe this is really a bug... it must be an error in the way I am loading the editor! Still, the only work-around I can see is to mangle any </script> tags loaded by 'oFCKeditor.Value' (very awkward!)

Changed 18 months ago by alfonsoml

  • keywords inline mode script textarea removed
  • priority changed from High to Normal
  • status changed from new to closed
  • resolution set to invalid

If you try to validate that html page you'll find that it's invalid. The browser will see the </script> inside the string and close the script element.

The solution is to escape it : <\/script>

Note: See TracTickets for help on using tickets.