javascript - HTML error. Tag not closed - Stack Overflow

admin管理员组

文章数量:1405393

Lets imagine this scenario: In your web site you allow your user to post html (Of course you have to be aware to security issues). Your user posts:

<div> Main div <div> child div </div>.

Forgetting to close the Main div. When I serve the page containing the post with the bad html, I would be delivering a page that is all messed up.

Is there some way or an html tag to "encapsulate" or to isolate a portion of html in a page and let the user be responsible for his own ad? The idea is to implement an advertise system where the user is allowed to design his own ads.

This could also be useful to isolate errors when designing my own pages.

Thank you very much in advance.

Lets imagine this scenario: In your web site you allow your user to post html (Of course you have to be aware to security issues). Your user posts:

<div> Main div <div> child div </div>.

Forgetting to close the Main div. When I serve the page containing the post with the bad html, I would be delivering a page that is all messed up.

Is there some way or an html tag to "encapsulate" or to isolate a portion of html in a page and let the user be responsible for his own ad? The idea is to implement an advertise system where the user is allowed to design his own ads.

This could also be useful to isolate errors when designing my own pages.

Thank you very much in advance.

• javascript
• html

Share Improve this question Follow edited Dec 3, 2013 at 18:00 cimmanon 68.4k1717 gold badges168168 silver badges172172 bronze badges asked Dec 3, 2013 at 17:39 mdevmdev 47288 silver badges2020 bronze badges 4

• You say "be aware to security issues" - and I actually think any framework that handles the security issues will also handle this mismatched tag. After all, mismatched-tags (or unclosed tags, etc) could be used as part of an attack, so protecting against one will trivially guard against the other. – cloudfeet Commented Dec 3, 2013 at 17:51
• @cloudfeet How are mismatched tags going to be a security problem? – cimmanon Commented Dec 3, 2013 at 17:54
• Could perfectly be an atack. Could close some tag your page originally opens and make your page look horrible. Thank you all for your answers. – mdev Commented Dec 3, 2013 at 18:57
• By the way. Just developing etside. – mdev Commented May 23, 2015 at 9:01

Add a ment  | 

3 Answers 3

Sorted by: Reset to default 7

Is there some way or an html tag to "encapsulate" or to isolate a portion of html in a page and let the user be responsible for his own ad?

You can use an iframe to do that.

Or: Browsers are very tolerant of broken HTML, you could use the browser to clean it up.

For example:

var str = "<div>This is broken HTML<div>missing end tags";
var e = document.createElement('div');
e.innerHTML = str; // Parse it
str = e.innerHTML; // Serialize it properly

Live Example | Source

When I run that with the string <div>This is broken HTML<div>missing end tags, I get back:

<div>This is broken HTML<div>missing end tags</div></div>

Some browsers may make the tags all caps.

Alternately, use a server-side solution like JSoup (with which you could also sanitize the input; very useful!). You haven't mentioned a server-side language; JSoup is patible with any of the JVM-based languages, and I expect by now there are translations to other platforms...

If using online editors like CKEditor or TinyMCE is an option for your project, they contain HTML validation features that will 'fix up' HTML entered by users (as best they can) or allow you to prevent users from entering certain HTML tags altogether.

I use CKEditor in one of my projects.

I don't think normal users will waste their time dealing with coding proper HTML. Most of them don't even know HTML.

In my observations from one classifieds site I operate, users just cut and paste their ads from other site the ad was already posted to. If the content is cut and paste from an HTML page, using CKEditor, it just appears exactly as it is.

本文标签： javascriptHTML error Tag not closedStack Overflow