]> source.dussan.org Git - jquery.git/commitdiff
Prevented non-script <script> blocks from executing, fixing #3733.
authorJohn Resig <jeresig@gmail.com>
Sun, 11 Jan 2009 19:33:01 +0000 (19:33 +0000)
committerJohn Resig <jeresig@gmail.com>
Sun, 11 Jan 2009 19:33:01 +0000 (19:33 +0000)
src/core.js
test/unit/core.js

index 78f2bcd140fbafc161d8a421e0af79773c5d05b1..493a655cfbb7e0ae819906f72ef99381c26f83bf 100644 (file)
@@ -923,7 +923,7 @@ jQuery.extend({
 
                if ( fragment ) {
                        for ( var i = 0; ret[i]; i++ ) {
-                               if ( jQuery.nodeName( ret[i], "script" ) ) {
+                               if ( jQuery.nodeName( ret[i], "script" ) && (!ret[i].type || ret[i].type === "text/javascript") ) {
                                        scripts.push( ret[i].parentNode ? ret[i].parentNode.removeChild( ret[i] ) : ret[i] );
                                } else {
                                        if ( ret[i].nodeType === 1 )
index 494917e081839335356df6e23963ba3901ad60bf..4d04af759a1509a61e1c499a50bb333e2758d11d 100644 (file)
@@ -1352,7 +1352,7 @@ test("val(String/Number)", function() {
 });
 
 test("html(String)", function() {
-       expect(13);
+       expect(17);
        
        jQuery.scriptorder = 0;
        
@@ -1381,6 +1381,10 @@ test("html(String)", function() {
        equals( $div.html( 5 ).html(), '5', 'Setting a number as html' );
        equals( $div.html( 0 ).html(), '0', 'Setting a zero as html' );
 
+       reset();
+
+       jQuery("#main").html('<script type="something/else">ok( false, "Non-script evaluated." );</script><script type="text/javascript">ok( true, "text/javascript is evaluated." );</script><script>ok( true, "No type is evaluated." );</script><div><script type="text/javascript">ok( true, "Inner text/javascript is evaluated." );</script><script>ok( true, "Inner No type is evaluated." );</script><script type="something/else">ok( false, "Non-script evaluated." );</script></div>');
+
        stop();
 
        jQuery("#main").html('<script type="text/javascript">ok( true, "jQuery().html().evalScripts() Evals Scripts Twice in Firefox, see #975" );</script>');