Ext.Element.update(): better evaluation of Scripts

Posted in xn--kfs74mzzid01b.com edit by rose on January 7th, 2009

if loadScripts==true then scripts are evaluated on element.update().
The procedure of evaluating scripts is however NOT standard conform.

If f. e. you update the element with the following HTML:


the alert() will be executed allthough the script is part of a textarea.

The reason is because Ext uses regular expressions to find the blocks inside the HTML and eval()-s everything. Instead the HTML should be parsed by a real HTML-Parser to do the job.

We made very good experiences with the following way to execute scripts recieved via ajax:
divTag.innerHTML = html;

// evaluate pasted javascript
var scripts = divTag.getElementsByTagName("script");
var totalscripts="";
for (var i = 0; i < scripts.length; i++) {
var script = scripts[i].innerHTML;
totalscripts += "n"+script;
}
window.setTimeout(totalscripts, 10);This way we let the BROWSER parse the recieved HTML.



should be:


<script>alert("hallo")</script>


Browsers will usually (but not always) correctly parse raw html in a textarea, but using the second (encoded) will always work.




#If you have any other info about this subject , Please add it free.#
Your name:
E-mail:
Telphone:

Your comments:


If you have any other info about Ext.Element.update(): better evaluation of Scripts , Please add it free.
Protect Your Computer from Viruses-Using Anti Virus
IBM Rational IDE tops survey