<script type="text/javascript">
var randomnumber=Math.floor(Math.random()*10000);
var sr = 'http://www.example.com/example.js?rnd='+randomnumber;
document.write("<script type=\"text/javascript\" src=\"" + sr + "\" id-value-test=\"100\" > </script>");
</script>
在 id-value-test 获取未终止的字符串文字。任何想法?
答案 0 :(得分:7)
在进行HTML解析时,浏览器不会解析JavaScript,因此它们会在找到的第一个</script>序列处停止 - 即使它是在字符串文字或JavaScript注释中。
要避免它,只需执行任何操作即可中断字符串中的</script>,例如:
<script type="text/javascript">
var randomnumber=Math.floor(Math.random()*10000);
var sr = 'http://www.example.com/example.js?rnd='+randomnumber;
document.write("<script type=\"text/javascript\" src=\"" + sr + "\" id-value-test=\"100\" > <\/script>");
<!-- Change is here -----------------------------------------------------------------------------^ -->
</script>
或
<script type="text/javascript">
var randomnumber=Math.floor(Math.random()*10000);
var sr = 'http://www.example.com/example.js?rnd='+randomnumber;
document.write("<script type=\"text/javascript\" src=\"" + sr + "\" id-value-test=\"100\" > </" + "script>");
<!-- Change is here ----------------------------------------------------------------------------^ -->
</script>