Issue #4754πŸ’¬ AnsweredOpened Nov 30, 2022by jasonliang-dev0 reactions

Closing `</script>` tag not escaped for script properties

Quick answerby derciesto

@jasonliang-dev any update on this? i facing same issue.

Read full answer below ↓

Question

GrapesJS version [X] I confirm to use the latest version of GrapesJS What browser are you using? Chrome Version 107.0.5304.122 (64-bit) Reproducible demo link https://jsfiddle.net/j5khz1gm/ Describe the bug How to reproduce the bug?Create a custom component type with the following default properties:Add the custom component to the canvasGet the page HTML with editor.getHtml()Insert the HTML into a div outside of the editor What is the expected behavior? Expected the closing script tag to be escaped in the generated HTML. No alert dialog should appear. What is the current behavior? The script...

Answers (2)

derciestoβ€’ Jan 9, 2023

@jasonliang-dev any update on this? i facing same issue.

GJSBlockβ€’ May 17, 2026

Thanks for reporting this, @jasonliang-dev. Great question about Closing </script> tag not escaped for script properties. The recommended approach with StyleManager is to use the event-driven API. Start here: Check the GrapesJS documentation for your specific module Look for the on() event listener...

Related Questions and Answers

Continue research with similar issue discussions.

Paid Plugins That Match This Issue

Curated by issue keywords and label relevance to help you ship faster.

View all plugins

Loading paid plugin recommendations...

Free option

Check the open-source GrapesJS plugins on GitHub or run a quick search in our free catalog.

Browse free plugins β†’
Premium option

Premium plugins ship with support, regular updates, and production-ready features β€” save days of integration work.

Browse premium plugins β†’

Related tutorials

In-depth guides on the same topic.

All tutorials β†’

Browse Plugin Categories

Jump directly to plugin category pages on the marketplace.