Are CDATA tags ever necessary in script tags and if so when?
In other words, when and where is this:
<script type="text/javascript">
//<![CDATA[
...code...
//]]>
</script>
preferable to this:
<script type="text/javascript">
...code...
</script>
This question is related to
javascript
html
xhtml
cdata
Basically it is to allow to write a document that is both XHTML and HTML. The problem is that within XHTML, the XML parser will interpret the &,<,> characters in the script tag and cause XML parsing error. So, you can write your JavaScript with entities, e.g.:
if (a > b) alert('hello world');
But this is impractical. The bigger problem is that if you read the page in HTML, the tag script is considered CDATA 'by default', and such JavaScript will not run. Therefore, if you want the same page to be OK both using XHTML and HTML parsers, you need to enclose the script tag in CDATA element in XHTML, but NOT to enclose it in HTML.
This trick marks the start of a CDATA element as a JavaScript comment; in HTML the JavaScript parser ignores the CDATA tag (it's a comment). In XHTML, the XML parser (which is run before the JavaScript) detects it and treats the rest until end of CDATA as CDATA.
It to ensure that XHTML validation works correctly when you have JavaScript embedded in your page, rather than externally referenced.
XHTML requires that your page strictly conform to XML markup requirements. Since JavaScript may contain characters with special meaning, you must wrap it in CDATA to ensure that validation does not flag it as malformed.
With HTML pages on the web you can just include the required JavaScript between and tags. When you validate the HTML on your web page the JavaScript content is considered to be CDATA (character data) that is therefore ignored by the validator. The same is not true if you follow the more recent XHTML standards in setting up your web page. With XHTML the code between the script tags is considered to be PCDATA (parsed character data) which is therefore processed by the validator.
Because of this, you can't just include JavaScript between the script tags on your page without 'breaking' your web page (at least as far as the validator is concerned).
You can learn more about CDATA here, and more about XHTML here.
to avoid xml errors during xhtml validation.
CDATA indicates that the contents within are not XML.
It to ensure that XHTML validation works correctly when you have JavaScript embedded in your page, rather than externally referenced.
XHTML requires that your page strictly conform to XML markup requirements. Since JavaScript may contain characters with special meaning, you must wrap it in CDATA to ensure that validation does not flag it as malformed.
With HTML pages on the web you can just include the required JavaScript between and tags. When you validate the HTML on your web page the JavaScript content is considered to be CDATA (character data) that is therefore ignored by the validator. The same is not true if you follow the more recent XHTML standards in setting up your web page. With XHTML the code between the script tags is considered to be PCDATA (parsed character data) which is therefore processed by the validator.
Because of this, you can't just include JavaScript between the script tags on your page without 'breaking' your web page (at least as far as the validator is concerned).
You can learn more about CDATA here, and more about XHTML here.
When you are going for strict XHTML compliance, you need the CDATA so less than and ampersands are not flagged as invalid characters.
Do not use CDATA in HTML4 but you should use CDATA in XHTML and must use CDATA in XML if you have unescaped symbols like < and >.
It's an X(HT)ML thing. When you use symbols like <
and >
within the JavaScript, e.g. for comparing two integers, this would have to be parsed like XML, thus they would mark as a beginning or end of a tag.
The CDATA means that the following lines (everything up unto the ]]>
is not XML and thus should not be parsed that way.
CDATA is necessary in any XML dialect, because text within an XML node is treated as a child element before being evaluated as JavaScript. This is also the reason why JSLint complains about the <
character in regexes.
References
When you are going for strict XHTML compliance, you need the CDATA so less than and ampersands are not flagged as invalid characters.
When you want it to validate (in XML/XHTML - thanks, Loren Segal).
When you are going for strict XHTML compliance, you need the CDATA so less than and ampersands are not flagged as invalid characters.
When you want it to validate (in XML/XHTML - thanks, Loren Segal).
CDATA tells the browser to display the text as is and not to render it as an HTML.
Do not use CDATA in HTML4 but you should use CDATA in XHTML and must use CDATA in XML if you have unescaped symbols like < and >.
It's an X(HT)ML thing. When you use symbols like <
and >
within the JavaScript, e.g. for comparing two integers, this would have to be parsed like XML, thus they would mark as a beginning or end of a tag.
The CDATA means that the following lines (everything up unto the ]]>
is not XML and thus should not be parsed that way.
When browsers treat the markup as XML:
<script>
<![CDATA[
...code...
]]>
</script>
When browsers treat the markup as HTML:
<script>
...code...
</script>
When browsers treat the markup as HTML and you want your XHTML 1.0 markup (for example) to validate.
<script>
//<![CDATA[
...code...
//]]>
</script>
An HTML parser will treat everything between <script>
and </script>
as part of the script. Some implementations don't even need a correct closing tag; they stop script interpretation at ". </
", which is correct according to the specs
Update In HTML5, and with current browsers, that is not the case anymore.
So, in HTML, this is not possible:
<script>
var x = '</script>';
alert(x)
</script>
A CDATA
section has no effect at all. That's why you need to write
var x = '<' + '/script>'; // or
var x = '<\/script>';
or similar.
This also applies to XHTML files served as text/html
. (Since IE does not support XML content types, this is mostly true.)
In XML, different rules apply. Note that (non IE) browsers only use an XML parser if the XHMTL document is served with an XML content type.
To the XML parser, a script
tag is no better than any other tag. Particularly, a script node may contain non-text child nodes, triggered by "<
"; and a "&
" sign denotes a character entity.
So, in XHTML, this is not possible:
<script>
if (a<b && c<d) {
alert('Hooray');
}
</script>
To work around this, you can wrap the whole script in a CDATA
section. This tells the parser: 'In this section, don't treat "<
" and "&
" as control characters.' To prevent the JavaScript engine from interpreting the "<![CDATA[
" and "]]>
" marks, you can wrap them in comments.
If your script does not contain any "<
" or "&
", you don't need a CDATA
section anyway.
That way older browser don't parse the Javascript code and the page doesn't break.
Backwards compatability. Gotta love it.
When you want it to validate (in XML/XHTML - thanks, Loren Segal).
CDATA indicates that the contents within are not XML.
Here is an explanation on wikipedia
When you want it to validate (in XML/XHTML - thanks, Loren Segal).
to avoid xml errors during xhtml validation.
CDATA is necessary in any XML dialect, because text within an XML node is treated as a child element before being evaluated as JavaScript. This is also the reason why JSLint complains about the <
character in regexes.
References
Do not use CDATA in HTML4 but you should use CDATA in XHTML and must use CDATA in XML if you have unescaped symbols like < and >.
When browsers treat the markup as XML:
<script>
<![CDATA[
...code...
]]>
</script>
When browsers treat the markup as HTML:
<script>
...code...
</script>
When browsers treat the markup as HTML and you want your XHTML 1.0 markup (for example) to validate.
<script>
//<![CDATA[
...code...
//]]>
</script>
CDATA indicates that the contents within are not XML.
Here is an explanation on wikipedia
Do not use CDATA in HTML4 but you should use CDATA in XHTML and must use CDATA in XML if you have unescaped symbols like < and >.
An HTML parser will treat everything between <script>
and </script>
as part of the script. Some implementations don't even need a correct closing tag; they stop script interpretation at ". </
", which is correct according to the specs
Update In HTML5, and with current browsers, that is not the case anymore.
So, in HTML, this is not possible:
<script>
var x = '</script>';
alert(x)
</script>
A CDATA
section has no effect at all. That's why you need to write
var x = '<' + '/script>'; // or
var x = '<\/script>';
or similar.
This also applies to XHTML files served as text/html
. (Since IE does not support XML content types, this is mostly true.)
In XML, different rules apply. Note that (non IE) browsers only use an XML parser if the XHMTL document is served with an XML content type.
To the XML parser, a script
tag is no better than any other tag. Particularly, a script node may contain non-text child nodes, triggered by "<
"; and a "&
" sign denotes a character entity.
So, in XHTML, this is not possible:
<script>
if (a<b && c<d) {
alert('Hooray');
}
</script>
To work around this, you can wrap the whole script in a CDATA
section. This tells the parser: 'In this section, don't treat "<
" and "&
" as control characters.' To prevent the JavaScript engine from interpreting the "<![CDATA[
" and "]]>
" marks, you can wrap them in comments.
If your script does not contain any "<
" or "&
", you don't need a CDATA
section anyway.
CDATA tells the browser to display the text as is and not to render it as an HTML.
When you are going for strict XHTML compliance, you need the CDATA so less than and ampersands are not flagged as invalid characters.
When browsers treat the markup as XML:
<script>
<![CDATA[
...code...
]]>
</script>
When browsers treat the markup as HTML:
<script>
...code...
</script>
When browsers treat the markup as HTML and you want your XHTML 1.0 markup (for example) to validate.
<script>
//<![CDATA[
...code...
//]]>
</script>
CDATA indicates that the contents within are not XML.
That way older browser don't parse the Javascript code and the page doesn't break.
Backwards compatability. Gotta love it.
Basically it is to allow to write a document that is both XHTML and HTML. The problem is that within XHTML, the XML parser will interpret the &,<,> characters in the script tag and cause XML parsing error. So, you can write your JavaScript with entities, e.g.:
if (a > b) alert('hello world');
But this is impractical. The bigger problem is that if you read the page in HTML, the tag script is considered CDATA 'by default', and such JavaScript will not run. Therefore, if you want the same page to be OK both using XHTML and HTML parsers, you need to enclose the script tag in CDATA element in XHTML, but NOT to enclose it in HTML.
This trick marks the start of a CDATA element as a JavaScript comment; in HTML the JavaScript parser ignores the CDATA tag (it's a comment). In XHTML, the XML parser (which is run before the JavaScript) detects it and treats the rest until end of CDATA as CDATA.
When browsers treat the markup as XML:
<script>
<![CDATA[
...code...
]]>
</script>
When browsers treat the markup as HTML:
<script>
...code...
</script>
When browsers treat the markup as HTML and you want your XHTML 1.0 markup (for example) to validate.
<script>
//<![CDATA[
...code...
//]]>
</script>
Source: Stackoverflow.com