6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"$10"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","javascript",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L11",null,{"href":"/discussion/tag/javascript/1","children":"javascript"}]}],["$","span","jquery",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L11",null,{"href":"/discussion/tag/jquery/1","children":"jquery"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/zL1re.jpg?s=256","alt":"sawa","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/314166/sawa","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"sawa"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",168101]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Cannot add script node dynamically"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

I am trying to attach a <script> node with the following code

\n\n

<html>\n<body>\n<script src=\"http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js\"></script>\n<script>\n  $('body').append('<script>alert(\\'foo\\');</script>');\n</script>\n</body>\n</html>\n

\n\n

I expect the code

\n\n

alert('foo');\n

\n\n

to be added an executed, but actually, the following string is added

\n\n

');\n

\n\n

What is happening here?

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",0]}],["$","p",null,{"children":["Views: ",87]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","23262023",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/7fb6b9bc012cd839a99ba778c722c5a7?s=256&d=identicon&r=PG","alt":"xdazz","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/762073/xdazz","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"xdazz"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",160843]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

You have to break </script> inside the string or it will considered as the end tag for <script>.

\n\n

  $('body').append('<script>alert(\\'foo\\');</scr'+'ipt>');\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",3]}]}]]}],["$","div","23262021",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/c6ba8aa1e7995cdd49307592a2d9f939?s=256&d=identicon&r=PG","alt":"kaytrance","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/820948/kaytrance","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"kaytrance"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",2757]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

You have to properly escape the slash character here and use doublequotes for foo:

\n\n

<html>\n  <body>\n    <script src=\"http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js\"></script>\n    <script>\n      $('body').append('<script>alert(\"foo\");<\\/script>');\n    </script>\n  </body>\n</html>\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",4]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","610995",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/610995","className":"text-blue-600 hover:underline","children":"Can't append <script> element"}]}],["$","li","49775351",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/49775351","className":"text-blue-600 hover:underline","children":"Script not loading when added dynamically with jQuery"}]}],["$","li","39434863",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/39434863","className":"text-blue-600 hover:underline","children":"Dynamically added element function call not working"}]}],["$","li","30204258",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/30204258","className":"text-blue-600 hover:underline","children":"Appending script dynamically fails"}]}],["$","li","28978457",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/28978457","className":"text-blue-600 hover:underline","children":"Getting an error: Failed to execute 'appendChild' on 'Node': parameter 1 is not of type 'Node'"}]}],["$","li","28763487",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/28763487","className":"text-blue-600 hover:underline","children":"Code is not working with dynamically added element"}]}],["$","li","17570785",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/17570785","className":"text-blue-600 hover:underline","children":"jQuery createElement("script") issue"}]}],["$","li","19917539",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/19917539","className":"text-blue-600 hover:underline","children":"Dynamically adding script to a div does not execute the script"}]}],["$","li","18567184",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/18567184","className":"text-blue-600 hover:underline","children":"Cannot launch script on dynamically added element"}]}],["$","li","15567312",{"className":"mb-2","children":["$","$L11",null,{"href":"/discussion/solution/15567312","className":"text-blue-600 hover:underline","children":"Dynamically adding script element to a div does not execute the script"}]}]]}]]}]]}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}],["$","$L16",null,{}]]

Cannot add script node dynamically

Answers (2)

Related Questions