Incorrect parsing of script with regexps
Brought to you by:
derrickoswald
When parsing the following script, Lexer.parseCDATA(true) interprets the quote in the inline regexp /'/ as starting a string that is closed by the quote before '</div>'.
<script>
var content = "<div>";
content += document.title.replace(/'/g,"’") ;
content += '</div>';
</script>
The following </ token then closes the script prematurely:
<script>
var content = "<div>";
content += document.title.replace(/'/g,"’") ;
content += '</script></div>