Escape </ in script tag contents

死守一世寂寞 2021-01-01 19:26

In HTML, tags and entities aren't parsed within

4 answers
  •  清酒与你
    2021-01-01 20:16

    The HTML specification explains in detail what is allowed and how to securely escape content. Especially considering HTML's history, this is a non-trivial task.

    From the HTML specification:

    The easiest and safest way to avoid the rather strange restrictions described in this section is to always escape "<!--" as "<\!--", "<script" as "<\script", and "</script" as "<\/script" when these sequences appear in literals in scripts (e.g., in strings, regular expressions, or comments), and to avoid writing code that uses such constructs in expressions. Doing so avoids the pitfalls that the restrictions in this section are prone to triggering: namely, that, for historical reasons, parsing of script blocks in HTML is a strange and exotic practice that acts unintuitively in the face of these sequences.

    Source: https://www.w3.org/TR/html52/semantics-scripting.html#restrictions-for-contents-of-script-elements
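The three replacements quoted from the specification, shown as an added example that is not part of the answer above or of the specification. It assumes the value being embedded is a JavaScript string literal (here produced by `JSON.stringify`) and is later evaluated as JavaScript; the function names and the sample value are hypothetical.

```javascript
// Added example: apply the specification's three replacements to string
// literals before placing them in an inline <script>. Names are hypothetical.

// Sequences the HTML parser reacts to inside script content (case-insensitive).
const RISKY = /<(!--|\/script|script)/gi;

// Insert a backslash right after "<". Inside a JS *string literal*, "\!", "\/"
// and "\s" are identity escapes, so the decoded value is unchanged.
// Caveat: in a regex literal "\s" means whitespace, and "\!" and "\s" are not
// valid JSON escapes, so use this only on text that is parsed as JS strings.
function escapeScriptLiteral(jsSource) {
  return jsSource.replace(RISKY, (_, rest) => '<\\' + rest);
}

// Serialize a value as a JS expression suitable for an inline script body.
function toInlineScriptLiteral(value) {
  return escapeScriptLiteral(JSON.stringify(value));
}

// Simplified check (assumption: not a full HTML tokenizer): offset where the
// HTML parser could treat the text as the end of the script element, or -1.
function firstScriptEndTag(scriptText) {
  const m = /<\/script[\t\n\f\r \/>]/i.exec(scriptText);
  return m ? m.index : -1;
}

// Constructed sample input containing all three sequences.
const sample = { comment: 'x</script><!-- <SCRIPT>y' };

const raw = JSON.stringify(sample);          // unescaped serialization
const safe = toInlineScriptLiteral(sample);  // with the three replacements

console.log(firstScriptEndTag(raw));   // offset of "</script" inside the data
console.log(firstScriptEndTag(safe));  // -1: nothing closes the element early
console.log(safe);
```
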
