Geek Answers Handbook

Fix the warning thrown by HTML Validator

I have JavaScript code in my php website.
This code uses jQuery and builds a <select> menu using ajax calls.

Here is the code

sel.append('<option value="' + data[i].id + '">' + data[i].nombre + '</option>');

And that gives me the following warning

line 240 column 82 - Warning: '<' + '/' + writing is not allowed here

Does anyone know how I can fix this warning, so my html is checking? Thanks

+4
source share
5 answers

The problem is that any </ sequence known as ETAGO terminates a CDATA element, such as <script> . You can get away with </ in browsers, but not </script .

The simplest workaround is splitting the sequence </ using a backslash-escape:

 sel.append('<option value="' + data[i].id + '">' + data[i].nombre + '<\/option>');

However, this line still has problems because you are not using the id and nombre HTML tags. If they can contain < , & or " , you just created a client-side XSS vulnerability!

This way, either HTML-escape your text values ​​before putting them in strings, or, more simply put, just use the standard DOM:

sel.append (new option (data [i] .nombre, data [i] .id));

+10
source

Put javascript in an external file.

+4
source

If you write javascript on the html / xhtml page, you can enclose javascript in CDATA

 <script type="text/javascript"> /* <![CDATA[ */ console.log("..js code here.."); /* ]]> */ </script>
+1
source

To include code that is not encoded as XML in an XHTML document (and I assume that you are trying to do), you need to do something like the following:

 <script type="text/javascript"> //<![CDATA[ alert("<This is now valid XHTML>"); //]]> </script>
+1
source

Put <!-- and --> around your code.

-2
source

More articles:


All Articles