On 21-08-2022 02:05, Aleix Conchillo Flaqué wrote:
According
to the spec, embedding inline content in the <script> tag
should conform to the language defined by the "type" attribute
(defaults to _javascript_). So, I would expect you could put any
string that conforms to JS.
"""
When used to include dynamic scripts, the scripts may either be
embedded inline or may be imported from an external file using the
src attribute. If the language is not that described by
"text/_javascript_", then the type attribute must be present, as
described below. Whatever language is used, the contents of the
script element must conform with the requirements of that
language's specification
I am proposing to use XHTML (which is XML), not HTML. HTML's
special parsing quirks are irrelevant here.
It does,
browsers (at least Chrome) don't interpret that correctly,
since it's not valid _javascript_.
As <script> ... </script> is XML, the XML parser (not
the HTML parser, this is XHTML!) will decode the < inside
the <script>...</script>, the result _after decoding_
is valid _javascript_. In XML, <script> is not special --
everything is parsed the same way in XML.