[PATCH] Handle skipMode() getting set in JS-generated HTML (#42623)

[Dirk Mueller]

On Mit, 04 Sep 2002, Maks Orlovich wrote:

> The attached patch is what I think is the fix for #42623...
> The problem in that website (and also on populaephotography.com) 
> is basically with the above fragment:
> 
> <script type="text/javascript">
> <!--
> document.write("<iframe>");
> -->
> </script>
> </iframe>
> Foo

Wow, tricky. For now my solution would be: 

@@ -443,11 +451,11 @@ void HTMLTokenizer::scriptHandler()
     }
 
     script = false;
     scriptCodeSize = scriptCodeResync = 0;
 
-    if ( !parser->skipMode() ) {
+    if ( 1 ||! parser->skipMode() ) {
         if ( !m_executingScript && !loadingExtScript ) {
             // kdDebug( 6036 ) << "adding pending Output to parsed string" 
<< endl;
             QString newStr = QString(src.current(), src.length());
             newStr += pendingSrc;
             setSrc(newStr);



but I'm not sure about this yet. Will try to think what this might break. 

The HTML Parser in other browsers is definitely not recursive, so saving and 
restoring the skipMode on stack can't be a solution. :-/


-- 
Dirk (received 56 mails today)