fix: [#1564] Fixes issue where text in script and style elements shou…

…ld not be decoded or encoded (#1654)
capricorn86 · Dec 31, 2024 · 78eb240 · 78eb240
1 parent 2c8a596
commit 78eb240
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 5 deletions.
diff --git a/packages/happy-dom/src/html-parser/HTMLParser.ts b/packages/happy-dom/src/html-parser/HTMLParser.ts
@@ -738,10 +738,8 @@ export default class HTMLParser {
 		}
 
 		// Plain text elements such as <script> and <style> should only contain text.
-		this.currentNode[PropertySymbol.appendChild](
-			this.rootDocument.createTextNode(XMLEncodeUtility.decodeHTMLEntities(text)),
-			true
-		);
+		// Plain text elements should not decode entities. See #1564.
+		this.currentNode[PropertySymbol.appendChild](this.rootDocument.createTextNode(text), true);
 
 		const rawTextElement = this.currentNode;
 

diff --git a/packages/happy-dom/test/html-serializer/HTMLSerializer.test.ts b/packages/happy-dom/test/html-serializer/HTMLSerializer.test.ts
@@ -2,7 +2,6 @@ import HTMLSerializer from '../../src/html-serializer/HTMLSerializer.js';
 import Window from '../../src/window/Window.js';
 import Document from '../../src/nodes/document/Document.js';
 import CustomElement from '../CustomElement.js';
-import * as PropertySymbol from '../../src/PropertySymbol.js';
 import { beforeEach, afterEach, describe, it, expect } from 'vitest';
 
 describe('HTMLSerializer', () => {
@@ -297,5 +296,18 @@ describe('HTMLSerializer', () => {
 				`<a href="https://www.com/" style="background-image: url(&quot;https://cdn.cookie.org/image.svg&quot;);"></a>`
 			);
 		});
+
+		it("Doesn't escape text in <script> and <style> elements for #1564.", () => {
+			expect(
+				serializer.serializeToString(
+					(<Document>(
+						new window.DOMParser().parseFromString(
+							'<div><script>//<>&lt;&gt;</script><style>//<>&lt;&gt;</style></div>',
+							'text/html'
+						)
+					)).body
+				)
+			).toBe('<body><div><script>//<>&lt;&gt;</script><style>//<>&lt;&gt;</style></div></body>');
+		});
 	});
 });
diff --git a/packages/happy-dom/test/xml-serializer/XMLSerializer.test.ts b/packages/happy-dom/test/xml-serializer/XMLSerializer.test.ts
@@ -456,5 +456,20 @@ describe('XMLSerializer', () => {
                 </root>`
 			);
 		});
+
+		it("Doesn't escape text in <script> and <style> elements for #1564.", () => {
+			expect(
+				new XMLSerializer().serializeToString(
+					(<Document>(
+						new window.DOMParser().parseFromString(
+							'<div><script>//<>&lt;&gt;</script><style>//<>&lt;&gt;</style></div>',
+							'text/html'
+						)
+					)).body
+				)
+			).toBe(
+				'<body xmlns="http://www.w3.org/1999/xhtml"><div><script>//<>&lt;&gt;</script><style>//<>&lt;&gt;</style></div></body>'
+			);
+		});
 	});
 });