Raise an error for script tags

[g13013]

fixes #427

[mmun]

Does this catch <SCRIPT> with capitals? We may need to change the comparison to use tag.toLowerCase().name.

[g13013]

@mmun I fixed the test to only validate the line number and rebased in the first commit. I also cleaned both functions in the second commit.

I am unsure about uppercase script tag comparison, it is used many times throughout the code and I think, if there is a problem with it, it needs a PR to fix it everywhere!

[timkendrick]

Just seen this PR - is there any chance this behavior can be made optional for specific use cases?

I'm using HTMLBars to render templates on the server-side using simple-dom, so there's no danger of script injection etc. It's working great with the current npm version (0.14.6), and it'd be a real shame for the next update to break all my templates.

Ultimately I'd love it if the <script> content could be parsed as a normal text node until it reaches the </script> tag, but failing this is there a way to at least prevent throwing this error and retain the current behavior?

I'm fine with monkey-patching the parser at runtime if that's relatively straightforward, and can control the script content to make sure it doesn't confuse the parser, but I worry that I'd have to abandon HTMLBars altogether if it outright vetoes any templates containing <script> tags... :/

[mixonic]

@timkendrick I think you agree the re-rendering semantics are pretty wacky for something like this. I doubt we should be diverging server-side and client-side capabilities of the templating engine.

I don't suggest you monkey-patch the parser, but you could easily process the simple-dom after rendering (or use the didRender hook in Ember) to attach or execute code as you see fit. That should not be very challenging to implement.

I worry that I'd have to abandon HTMLBars altogether if it outright vetoes any templates containing Githubissues.

Githubissues is a development platform for aggregating issues.