Closed
Bug 504941
Opened 15 years ago
Closed 15 years ago
[HTML5]Unclosed comment inside <script> causes page to appear blank
Categories
(Core :: DOM: HTML Parser, defect, P1)
Tracking
()
RESOLVED
DUPLICATE
of bug 503632
mozilla1.9.2a1
People
(Reporter: pr11t, Unassigned)
References
()
Details
(Keywords: testcase)
Attachments
(1 file)
|
(deleted),
text/html
|
Details |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2a1pre) Gecko/20090717 Minefield/3.6a1pre
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2a1pre) Gecko/20090717 Minefield/3.6a1pre
Details
Reproducible: Always
Steps to Reproduce:
1.about:config set HTML5 to true
2.close Minefield and go to SafeMode
3.open up webpage http://www.aerosnap.de.vu/
Actual Results:
Page was Blank - White - Empty
Expected Results:
Webpage should had been shown even in HTML5 enabled
Safemode should had disregard non-default value HTML5 - True to False
Using Windows 7 and Official Minefield Build 20090718
|
Reporter | |
Updated•15 years ago
|
OS: Windows 7 → All
|
||
Comment 1•15 years ago
|
||
Confirming and setting new:
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2a1pre) Gecko/20090717 Minefield/3.6a1pre (.NET CLR 3.5.30729) ID:20090717120342 <latest hourly available
Status: UNCONFIRMED → NEW
Component: General → HTML: Parser
Ever confirmed: true
Product: Firefox → Core
QA Contact: general → parser
Summary: Summary → [HTML5] Aerosnap.de.vu loads blank page
Target Milestone: --- → mozilla1.9.2a1
Version: unspecified → Trunk
|
||
Comment 2•15 years ago
|
||
It's actually the frame http://aerosnap.de/ that incorrectly shows up blank.
|
|
||
Comment 3•15 years ago
|
||
Blank only with HTML5 parser enabled.
|
|
||
Updated•15 years ago
|
Summary: [HTML5] Aerosnap.de.vu loads blank page → Unclosed comment inside <script> causes page to appear blank
|
|
||
Comment 4•15 years ago
|
||
See also bug 503632. Based on the direction that discussion is going, I'm not marking this as a dup.
|
||
Updated•15 years ago
|
Depends on: 503632
Summary: Unclosed comment inside <script> causes page to appear blank → [HTML5]Unclosed comment inside <script> causes page to appear blank
|
|
||
Updated•15 years ago
|
Blocks: html5-parsing
I don't see a way to fix this without reparsing. If the problem is rare, I think WONTFIX plus evang is the right solution. If the problem is common, we have a serious issue with a fundamental design constraint of the spec.
|
|
||
Comment 6•15 years ago
|
||
What design constraint is that? Why does <!-- inside <script> need to be treated as anything at all?
<!-- needs magic treatment inside script to mask document.write("</script>");
<script><!--
...
document.write("<script src='foo'></script>");
...
--></script>
The design constraint I meant was the constraint not to do reparsing, because reparsing would change the executability characteristics of pieces of the page if an attacker can force a premature end of file.
Note to people who are searching for dupes before filing bugs:
If you see this in the wild, please note the URL of the page here.
|
|
||
Comment 9•15 years ago
|
||
Interesting! I guess strings in scripts must have "<!--", "-->", and "</script" escaped to avoid XSS, depending on whether the script already has a "<!--" and the browser version. I used to think escaping "/" as "\/" and escaping the string delimiter was enough.
I like the no-reparsing constraint, though.
I wrote up a relatively radical proposal for a fix:
http://wiki.whatwg.org/wiki/CDATA_Escapes
Priority: -- → P1
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•