Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

"%3Cscript" vs "<script"

Tags:

javascript

special-characters

Every once in a while, I'll see an HTML code snippet with:

%3Cscript

where the %3C replaces the <. Is this because the code was auto-generated or needs to display properly in an editor or was it coded that way explicitly for some reason and needs to keep that form on the HTML webpage? In case it is helpful here is the full beginning of the line of code I was questioning:

document.write(unescape('('%3Cscript

Wouldn't the line of code work just fine it you replaced the %3C with a <?

like image 681
Ken Boone Avatar asked Oct 05 '22 17:10

Ken Boone

1 Answers

The unescape() Javascript function converts the %3C back to < before it gets written into the document. This is apparently an attempt to avoid triggering scanners that might see the literal <script tag in the source and misinterpret what it means.

like image 62
Greg Hewgill Avatar answered Oct 08 '22 10:10

Greg Hewgill
Sign in to Comment

Related questions

Is Ember.js Object observer equivalent to ES6 Harmony Object.observe?
Internet Explorer 10 canvas clipping unexpected behavior
how to unbind the click event of parent div when clicked on child div
Building a train movement graph
How to delete an item using REST for Sharepoint 2013
How to refresh only the contents of jquery dialog while opening it for the second time
Updating the date portion of a javascript object without changing the time portion
JavaScript not working in Safari on iPad
How to make a table with rows that can be copied (adding a new row after that one, containing the same) with Javascript?
How can we implement componentWillUnmount using react hooks?
Use Angular Directive attributes in its template
How to write a file from an ArrayBuffer in JS
ES6 Classes for Data Models

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!