<svg> tag allows <script> to execute when formatted incorrectly, also blocks some legal code.

Not reproducible Issue #4769983

Details

Created
Sep 29, 2015
Privacy
This issue is public.
Reports
Reported by 0 people

Sign in to watch or report this issue.

Steps to reproduce

URL:

Repro Steps:

  1. Create an HTML file containing the following content:
    <svg><script>prompt(1)<p>
  2. Load the page in Internet Explorer, see that the prompt function executes. It does not execute in other browsers
  3. Create an HTML file containing the following content:
    <svg>
    <script>
    p=2;prompt(1);x=3<p ; y=2>4;prompt(2)
  4. Load the page in Internet Explorer, note that prompt(1) executes, prompt(2) does not.

Expected Results:

Parsing of a <script> tag in HTML is carried out up until exactly the next </script> tag. It should do so in an svg tag also, for principle of least surprise.

Actual Results:

Dev Channel specific:

No

Attachments

0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “Sermet I.”

      Changed Assigned To to “Rossen A.”

      Changed Assigned To from “Rossen A.” to “Bogdan B.”

      Changed Assigned To from “Bogdan B.” to “Kevin B.”

      Changed Status to “Confirmed”

      Changed Assigned To from “Kevin B.” to “James M.”

      Changed Assigned To from “James M.” to “Kevin B.”

      Changed Assigned To from “Kevin B.” to “Bogdan B.”

      Changed Status from “Confirmed” to “Won’t fix”

      Changed Assigned To from “Bogdan B.” to “James M.”

      Changed Status from “Won’t fix”

    • Hello,

      Thank you for providing this information about the issue. We are reevaluating this case in recent builds, but the repro steps are unclear. Please attach sample files to this case so we can repro the issue accurately.

      Best Wishes,
      The MS Edge Team

    • Microsoft Edge Team

      Changed Status to “Not reproducible”

    You need to sign in to your Microsoft account to add a comment.

    Sign in