author | timmywil <timmywillisn@gmail.com> | 2012-06-19 11:35:45 -0400 |
committer | timmywil <timmywillisn@gmail.com> | 2012-06-19 11:35:45 -0400 |
commit | 7692ae419d4c19bd06a0ba01fc2af8d21035873c (patch) | |
tree | 6ed28d4e9d8a0e362deee6a86c637a9a2c84d03e | |
parent | 868a9cea08579ae635ce258aed3062705a8d2379 (diff) | |
When detecting html in init, ignore html characters within quotes, brackets, and parens as well as escaped characters which are valid in selectors. Fixes #11290.
-rw-r--r-- | src/core.js | 3 | ||||
-rw-r--r-- | test/unit/core.js | 7 |
2 files changed, 8 insertions, 2 deletions
diff --git a/src/core.js b/src/core.js
index c0113a190..1bf7e5603 100644
--- a/src/core.js
+++ b/src/core.js
@@ -41,7 +41,8 @@ var
 
 	// A simple way to check for HTML strings
 	// Prioritize #id over <tag> to avoid XSS via location.hash (#9521)
-	rhtmlString = /^(?:[^#<]*(<[\w\W]+>)[^>]*$)/,
+	// Ignore html if within quotes "" '' or brackets/parens [] ()
+	rhtmlString = /^(?:[^#<\\]*(<[\w\W]+>)(?![^\[]*\])(?![^\(]*\))(?![^']*')(?![^"]*")[^>]*$)/,
 
 	// Match a standalone tag
 	rsingleTag = /^<(\w+)\s*\/?>(?:<\/\1>)?$/,
diff --git a/test/unit/core.js b/test/unit/core.js
index 9950228e8..0b392adf1 100644
--- a/test/unit/core.js
+++ b/test/unit/core.js
@@ -605,7 +605,7 @@ test("isWindow", function() {
 });
 
 test("jQuery('html')", function() {
-	expect(18);
+	expect( 22 );
 
 	QUnit.reset();
 	jQuery.foo = false;
@@ -638,6 +638,11 @@ test("jQuery('html')", function() {
 	ok( jQuery("<div></div>")[0], "Create a div with closing tag." );
 	ok( jQuery("<table></table>")[0], "Create a table with closing tag." );
 
+	equal( jQuery("element[attribute='<div></div>']").length, 0, "When html is within brackets, do not recognize as html." );
+	equal( jQuery("element[attribute=<div></div>]").length, 0, "When html is within brackets, do not recognize as html." );
+	equal( jQuery("element:not(<div></div>)").length, 0, "When html is within parens, do not recognize as html." );
+	equal( jQuery("\\<div\\>").length, 0, "Ignore escaped html characters" );
+
 	// Test very large html string #7990
 	var i;
 	var li = "<li>very large html string</li>";
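Review bot: The new comment `// Ignore html if within quotes "" '' or brackets/parens [] ()` understates what the added lookaheads actually test: `(?![^\[]*\])(?![^\(]*\))(?![^']*')(?![^"]*")` are evaluated at the position after the last `>`, so any `]`, `)`, `'` or `"` that appears after the final tag (e.g. `<b>x</b>"`) also makes `rhtmlString` fail, and the `\\` added to `[^#<\\]*` means a backslash anywhere before the first `<` does the same. Because this regex is the gate between "treat as HTML" and "treat as selector" for caller-supplied strings (the retained #9521 comment shows it is XSS-relevant), the comment should state the real rule, e.g. `// Not html if a selector delimiter ] ) ' or " follows the last >, or if a backslash precedes the first <`. Each `>` candidate that `[\w\W]+` backtracks to re-runs the four `[^x]*` lookaheads over the tail, which looks quadratic on inputs with many `>` characters; confirming that with a large-input case next to the existing #7990 test would be worthwhile. The `var` declaration these lines belong to begins outside the hunk.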
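Review bot: The first two new `equal(...)` assertions in test/unit/core.js carry the identical message "When html is within brackets, do not recognize as html.", so a QUnit failure cannot show whether the quoted (`attribute='<div></div>'`) or the unquoted (`attribute=<div></div>`) form regressed; give the first one a distinct message such as `"When html is within quoted brackets, do not recognize as html."`. The four cases also exercise only one quote style and none of them covers the double-quote lookahead added to `rhtmlString`, so a `"element[attribute=\"<div></div>\"]"` case would close that gap. The enclosing `test("jQuery('html')", ...)` function starts and ends outside the hunk.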