Further improved parsing of <SCRIPT> tag.

Script code may contain a '<' as part of a equation. We erroneously interpreted that as start of a tag. Now we check for the very next char to be a '/' as the only tag allowed is the </SCRIPT> tag.
contiki-os · Jun 6, 2015 · e8b4bef · e8b4bef
1 parent 1d934db
commit e8b4bef
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/apps/webbrowser/htmlparser.c b/apps/webbrowser/htmlparser.c
@@ -367,6 +367,8 @@ parse_tag(void)
   static unsigned char size;
 
   tag = find_tag(s.tag);
+  /* If we are inside a <script> we mustn't interpret any tags
+     (inside JavaScript strings) but wait for the </script>. */
   if(s.majorstate == MAJORSTATE_SCRIPT && tag != TAG_SLASHSCRIPT) {
     return;
   }
@@ -562,6 +564,15 @@ parse_word(char *data, uint8_t dlen)
     }
     break;
   case MINORSTATE_TAG:
+    /* If we are inside a <srcipt> we mustn't mistake a JavaScript
+       equation with a '<' as a tag. So we check for the very next
+       character to be a '/' as we're only interested in parsing
+       the </script>. */
+    if(s.majorstate == MAJORSTATE_SCRIPT && data[0] != ISO_slash) {
+      s.minorstate = MINORSTATE_TEXT;
+      break;
+    }
+
     /* We are currently parsing within the name of a tag. We check
        for the end of a tag (the '>' character) or whitespace (which
        indicates that we should parse a tag attr argument