Generated <script> tags lo longer have deprecated `type="text/javas…

…cript"` or `language="Javascript"` attributes. Fixes #815.
smarty-php · Jan 31, 2023 · 016c9ce · 016c9ce
1 parent 6635a5e
commit 016c9ce
Show file tree

Hide file tree

Showing 7 changed files with 13 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -21,6 +21,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Smarty now always runs in multibyte mode, using `symfony/polyfill-mbstring` if required. Please use the
   multibyte extension for optimal performance.
 - Smarty no longer calls `mb_internal_encoding()` and doesn't check for deprecated `mbstring.func_overload` ini directive [#480](https://github.com/smarty-php/smarty/issues/480)
+- Generated `<script>` tags lo longer have deprecated `type="text/javascript"` or `language="Javascript"` attributes [#815](https://github.com/smarty-php/smarty/issues/815)
 
 ### Deprecated
 - `$smarty->getPluginsDir()`

diff --git a/docs/designers/language-basic-syntax/language-escaping.md b/docs/designers/language-basic-syntax/language-escaping.md
@@ -73,7 +73,7 @@ Where the template is:
 
 
     Welcome <!--{$name}--> to Smarty
-    <script language="javascript">
+    <script>
       var foo = <!--{$foo}-->;
       function dosomething() {
         alert("foo is " + foo);

diff --git a/docs/designers/language-builtin-functions/language-function-ldelim.md b/docs/designers/language-builtin-functions/language-function-ldelim.md
@@ -24,7 +24,7 @@ The above example will output:
 Another example with some Javascript
 
 
-    <script language="JavaScript">
+    <script>
     function foo() {ldelim}
         ... code ...
     {rdelim}
@@ -35,7 +35,7 @@ Another example with some Javascript
 will output
 
 
-    <script language="JavaScript">
+    <script>
     function foo() {
         .... code ...
     }
@@ -44,7 +44,7 @@ will output
        
 
 
-    <script language="JavaScript" type="text/javascript">
+    <script>
         function myJsFunction(){ldelim}
             alert("The server name\n{$smarty.server.SERVER_NAME}\n{$smarty.server.SERVER_ADDR}");
         {rdelim}

diff --git a/docs/designers/language-custom-functions/language-function-mailto.md b/docs/designers/language-custom-functions/language-function-mailto.md
@@ -30,7 +30,7 @@ spiders to lift email addresses off of a site.
     <a href="mailto:me@example.com" >send me some mail</a>
 
     {mailto address="me@example.com" encode="javascript"}
-    <script type="text/javascript" language="javascript">
+    <script>
        eval(unescape('%64%6f% ... snipped ...%61%3e%27%29%3b'))
     </script>
 
@@ -47,7 +47,7 @@ spiders to lift email addresses off of a site.
     <a href="mailto:me@example.com" class="email">me@example.com</a>
 
     {mailto address="me@example.com" encode="javascript_charcode"}
-    <script type="text/javascript" language="javascript">
+    <script>
         {document.write(String.fromCharCode(60,97, ... snipped ....60,47,97,62))}
     </script>
 

diff --git a/src/FunctionHandler/Mailto.php b/src/FunctionHandler/Mailto.php
@@ -109,12 +109,12 @@ public function handle($params, Template $template) {
 			for ($x = 0, $_length = strlen($string); $x < $_length; $x++) {
 				$js_encode .= '%' . bin2hex($string[$x]);
 			}
-			return '<script type="text/javascript">document.write(unescape(\'' . $js_encode . '\'))</script>';
+			return '<script>document.write(unescape(\'' . $js_encode . '\'))</script>';
 		} elseif ($encode === 'javascript_charcode') {
 			for ($x = 0, $_length = strlen($string); $x < $_length; $x++) {
 				$ord[] = ord($string[$x]);
 			}
-			return '<script type="text/javascript">document.write(String.fromCharCode(' . implode(',', $ord) . '))</script>';
+			return '<script>document.write(String.fromCharCode(' . implode(',', $ord) . '))</script>';
 		} elseif ($encode === 'hex') {
 			preg_match('!^(.*)(\?.*)$!', $address, $match);
 			if (!empty($match[2])) {

diff --git a/src/debug.tpl b/src/debug.tpl
@@ -166,7 +166,7 @@
     </body>
     </html>
 {/capture}
-<script type="text/javascript">
+<script>
     {$id = '__Smarty__'}
     {if $display_mode}{$id = "$offset$template_name"|md5}{/if}
     _smarty_console = window.open("", "console{$id}", "width=1024,height=600,left={$offset},top={$offset},resizable,scrollbars=yes");

diff --git a/tests/UnitTests/TemplateSource/TagTests/PluginFunction/PluginFunctionMailtoTest.php b/tests/UnitTests/TemplateSource/TagTests/PluginFunction/PluginFunctionMailtoTest.php
@@ -36,14 +36,14 @@ public function testText()
 
     public function testEncodeJavascript()
     {
-        $result = '<script type="text/javascript">document.write(unescape(\'%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%22%20%3e%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%3c%2f%61%3e\'))</script>';
+        $result = '<script>document.write(unescape(\'%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%22%20%3e%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%3c%2f%61%3e\'))</script>';
         $tpl = $this->smarty->createTemplate('eval:{mailto address="me@example.com" encode="javascript"}');
         $this->assertEquals(str_replace("\r", '', $result), $this->smarty->fetch($tpl));
     }
 
     public function testEncodeJavascriptCharcode()
     {
-        $result = '<script type="text/javascript">document.write(String.fromCharCode(60,97,32,104,114,101,102,61,34,109,97,105,108,116,111,58,109,101,64,101,120,97,109,112,108,101,46,99,111,109,34,32,62,109,101,64,101,120,97,109,112,108,101,46,99,111,109,60,47,97,62))</script>';
+        $result = '<script>document.write(String.fromCharCode(60,97,32,104,114,101,102,61,34,109,97,105,108,116,111,58,109,101,64,101,120,97,109,112,108,101,46,99,111,109,34,32,62,109,101,64,101,120,97,109,112,108,101,46,99,111,109,60,47,97,62))</script>';
         $tpl = $this->smarty->createTemplate('eval:{mailto address="me@example.com" encode="javascript_charcode"}');
         $this->assertEquals(str_replace("\r", '', $result), $this->smarty->fetch($tpl));
     }
@@ -85,7 +85,7 @@ public function testUmlauts()
 
 	public function testJavascriptChars()
 	{
-		$result = '<script type="text/javascript">document.write(unescape(\'%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%26%71%75%6f%74%3b%26%67%74%3b%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%26%23%30%33%39%3b%29%3b%20%61%6c%65%72%74%28%26%71%75%6f%74%3b%69%6e%6a%65%63%74%69%6f%6e%26%71%75%6f%74%3b%29%3b%20%2f%2f%22%20%3e%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%26%71%75%6f%74%3b%26%67%74%3b%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%26%23%30%33%39%3b%29%3b%20%61%6c%65%72%74%28%26%71%75%6f%74%3b%69%6e%6a%65%63%74%69%6f%6e%26%71%75%6f%74%3b%29%3b%20%2f%2f%3c%2f%61%3e\'))</script>';
+		$result = '<script>document.write(unescape(\'%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%26%71%75%6f%74%3b%26%67%74%3b%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%26%23%30%33%39%3b%29%3b%20%61%6c%65%72%74%28%26%71%75%6f%74%3b%69%6e%6a%65%63%74%69%6f%6e%26%71%75%6f%74%3b%29%3b%20%2f%2f%22%20%3e%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%26%71%75%6f%74%3b%26%67%74%3b%6d%65%40%65%78%61%6d%70%6c%65%2e%63%6f%6d%26%23%30%33%39%3b%29%3b%20%61%6c%65%72%74%28%26%71%75%6f%74%3b%69%6e%6a%65%63%74%69%6f%6e%26%71%75%6f%74%3b%29%3b%20%2f%2f%3c%2f%61%3e\'))</script>';
 		$this->smarty->assign('address', 'me@example.com">me@example.com\'); alert("injection"); //');
 		$tpl = $this->smarty->createTemplate('eval:{mailto address=$address encode=javascript}');
 		$this->assertEquals(str_replace("\r", '', $result), $this->smarty->fetch($tpl));