Hi everyone!
I have a hidden div-Box with some content. Inside the div box is some
JavaScript. I fetch the content of the hidden div-Box with the
prototype $ method and put it into another one which is visible.
(using the "update" method) After the paste the script is executed and
all page content is replaced by the script output.
Is there a way to avoid the script inside the pasted HTML to be
executed?
Here is an example what I mean:
The script inside this box is coming from a cms, it is just to avoid
spaming. I can''t change it - it is the result of an "mailto:"
link in
the backend.
<div id="hiddenbox" class="hideme">
<h2>Immobilienfachwirt</h2><br /> <img
src=''/demo/vrbank-immo/images/
burkhard_niessing_web.jpg'' border=''0''
alt='''' align=''left'' /> <table
border=''0''> <tbody> <tr>
<td>Burkhard Nießing </td>
<td> </td> </tr> <tr>
<td>Telefon<br /> </td>
<td>02563 401-17<br /> </td> </tr> <tr>
<td>Mobil<br /> </
td> <td>0172 176 12 17<br /> </td> </tr>
<tr>
<td>Telefax<br /> </td> <td>02563 401-68<br
/> </td> </tr>
<tr> <td>Email<br /> </td>
<td><SCRIPT TYPE="text/
javascript"
LANGUAGE="javascript">document.write(String.fromCharCode(60,97,32,104,114,101,102,61,39,109,97,105,108,116,111,58,98,117,114,107,104,97,114,100,46,110,105,101,115,115,105,110,103,64,99,111,110,115,117,108,116,105,110,103,117,110,100,105,109,109,111,98,105,108,105,101,110,46,100,101,39,62,98,117,114,107,104,97,114,100,46,110,105,101,115,115,105,110,103,64,99,111,110,115,117,108,116,105,110,103,117,110,100,105,109,109,111,98,105,108,105,101,110,46,100,101,60,47,97,62));
</SCRIPT><br /> </td> </tr> </tbody>
</table> <SCRIPT
TYPE="text/javascript"
LANGUAGE="javascript">document.write(String.fromCharCode(60,97,32,104,114,101,102,61,39,109,97,105,108,116,111,58,98,117,114,107,104,97,114,100,46,110,105,101,115,115,105,110,103,64,99,111,110,115,117,108,116,105,110,103,117,110,100,105,109,109,111,98,105,108,105,101,110,46,100,101,39,62,60,47,97,62));
</SCRIPT><br />
</div>
<div id="infocolumn"></div>
<a href="javascript:void(0);" onclick=
"$(''infocolumn'').update($
(''hiddenbox'').innerHTML);">Click me</a>
After cklicking the link the content of the hidden div replaces the
content inside the infocolumn correctly. But after a few moments the
page is completely cleared and all content is replaced by the output
of the "mailto hideing" script.
This is the only page content after the insert:
<html><head></head><body><a
href="mailto:burkhard.niessing-sQvDcPvFtua3jOxsryryXfuCGBmmxxsXhC4ANOJQIlc@public.gmane.org">burkhard.niessing-sQvDcPvFtua3jOxsryryXfuCGBmmxxsXhC4ANOJQIlc@public.gmane.org</
a><a
href="mailto:burkhard.niessing-sQvDcPvFtua3jOxsryryXfuCGBmmxxsXhC4ANOJQIlc@public.gmane.org"></a></
body></html>
Can anyone explain whats happening there???? I would expect that the
mailto link shows up twice inside the div after the update but not
replacing the complete content.
Anyway - how can I avoid the script execution after the update. Or
will I have to search for any scripts inside the hidden div and delete
them?
Thanks for any tipps and kind regards
marcus
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Spinoffs" group.
To post to this group, send email to
rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---