tags:

views:

30

answers:

3
+1  Q: 

Copy (e.g. with load or find) with jQuery an HTML Markup with included Inline Script - How to realize?

Hey Stack'er

I want to crop a part of an HTML markup with Inline-JavaScript included.

Example:

<div id="foo">
   <div id="bar">
      <script>
         ..some function..
      </script>
      <p>...</p>
   </div>
</div>

With the jQuery functions find() and load() you are not able to copy the whole markup WITH the JS-Snippet includet. The result looks like:

<div id="foo">
   <div id="bar">
      <p>...</p>
   </div>
</div>

The Script is stripped off. In the jQuery Community they say its supposed to be like this, because of risk of Script Injection.

But how is it possible anyway to realize this?

Best wishes chris

A: 

I don't know how you would select it out, but you could insert it into the dom by splitting the <scri and pt> tags

drachenstern  2010-10-13 20:29:22
Seriously, what's up with the downvote with no reason given? It's a valid answer.
drachenstern  2010-10-13 21:30:12
+1  A: 

http://forum.jquery.com/topic/jquery-removing-script-tags-from-html-string-when-using-html

Is a good thread on this.

I guess you could always use innerHTML which I believe returns the script.

Ryan Ternier  2010-10-13 20:34:58
Good answer by bobince, but your answer/link helped me with my problem - thanks!
ChrisBenyamin  2010-10-15 10:57:29
+2  A: 

It's not to do with script injection at html()-reading time, it's to do with browser inconsistencies about what happens when you write <script> into innerHTML, at html(value)-writing time.

This is heavily unreliable across browsers, which is why jQuery attempts to pull the scripts out and execute them separately, avoiding writing them to the document since that has unpredictable after-effects.

You should avoid dealing with script element nodes or HTML markup with <script> in. What is it you are trying to do here?

bobince  2010-10-13 20:45:42
Short version: We have build a kind of slide show, which loads content "snippets" out of other files (thats why we crop from this node) into the container. Works fine, till we load a page with an included flash video player, that is using swfobject.js script to initialize. :-) Clear?
ChrisBenyamin  2010-10-13 20:53:33
Have you thought about escaping the <script> tag? <script> ?
Ryan Ternier  2010-10-13 21:18:56
Loading scripts dynamically like this is unwise, you want to keep your code static. When you *really* need to, you should return separate script for explicit execution. But for a simple Flash video player there is no benefit to using swfobject; you can just use the simple object markup detailed in the [Flash Satay](http://www.alistapart.com/articles/flashsatay) article and forget scripting. The disadvantage of this method of embedding is that you don't get swf-loading-streaming in IE. But video players don't provide that anyway, they load completely (and then take video from an external URL).
bobince  2010-10-13 21:20:25

related questions

Autosizing Textarea
Regular expression for parsing links from a webpage?
What are good tools for creating compiled HTML help files (.chm)?
Looking for WYSIWYG HTML editor
Any reason not to start using the HTML 5 doctype?
HTML comments break down
HTML Comments Markup
Setting a div's height in HTML with CSS
Wrapping lists into columns
Is a "Confirm Email" input good practice when user changes email address?
<XMP> Tag
HTML version choice
Options for HTML scraping?
How do you disable browser Autocomplete on web form field / input tag?
How do I make a checkbox toggle from clicking on the text label as well?
Html CSS Editor
Wordpress theme development offline tools
How do I give my web sites an icon for iPhone?
In HTML, how to word-break on a dash?
Detecting font in JavaScript
How do you test layout design across multiple browsers/OSs?
How do I print an HTML document from a web service?
Multiple submit buttons on a HTML form
How can I determine a web user's time zone?
Why doesn't the percentage width child in absolutely positioned parent work in IE7?