Thanks for you post Thomas. You're right it's only working for me w/ JQuery. I have created a wrapper method that uses JQuery under the hood.
It *seems* to work. Altho, Now it appears I have a display issue where it the embedded gadget is the only thing displayed on the page (my host page seems to vanish). On to the next problem :-) On Sep 23, 8:41 am, Thomas Broyer <[email protected]> wrote: > On 23 sep, 02:27, JohnJ <[email protected]> wrote: > > > I would like to allow the following... (I know this could cause XSS > > issues but the users of this system are trusted). > > > DOM.getElementById('someid').setInnerHTML("<script>alert('hello!');</ > > script>"); > > > If run this in hosted mode it appears to do nothing. If I compile and > > browse this with Firefox/Firebug it looks like the right markup is > > being added to the page but not executed. > > > I am able to do this w/ JQuery or plain JavaScript I wonder if GWT is > > encoding the <script> tags? > > No, GWT isn't doing anything specific here; but jQuery does (using ./ > html("..."), it scans for <script> elements in the parsed DOM and then > execute their content with an eval()). > As for "plan JavaScript", well, I don't know how you tested it but I > can't get it to run in any browser (tested: Chrome 4(dev), Firefox > 3.5.3, IE8 and Opera 10) with the following code: > <!DOCTYPE html> > <body> > <button type=button onclick="document.body.innerHTML += > 'foo<script>alert("hello!")</script>'">Click me!</button> > > Well, note that you *can* make the script run in IE if you use the > 'defer' attribute: <script defer>alert("hello");</script>, as > explained on the > MSDN:http://msdn.microsoft.com/en-us/library/ms533897(VS.85).aspx > ...but HTML5 specs it as not executing > scripts:http://www.w3.org/TR/2008/WD-html5-20080610/dom.html#innerhtml0 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
