diff options
| author | jaubourg <j@ubourg.net> | 2011-05-11 14:12:19 +0200 |
|---|---|---|
| committer | jaubourg <j@ubourg.net> | 2011-05-11 14:13:07 +0200 |
| commit | 391398cf23603201f63c6e815a287e0cb107988c (patch) | |
| tree | 34bf815b588fbdbe4df9507cc105d6934685a0fc | |
| parent | 3a1c27b50825c7792a57a2f204ca86408de2cc14 (diff) | |
| download | jquery-391398cf23603201f63c6e815a287e0cb107988c.tar.gz jquery-391398cf23603201f63c6e815a287e0cb107988c.zip | |
Fixes #9221. Wraps openings of html comments and CDATA blocks found at the beginning of inserted script elements into a javascript block comment so that the new implementation of globalEval will not throw an exception in IE (execScript being less lenient than eval). Unit tests added.
| -rw-r--r-- | src/manipulation.js | 5 | ||||
| -rw-r--r-- | test/unit/manipulation.js | 20 |
2 files changed, 22 insertions, 3 deletions
diff --git a/src/manipulation.js b/src/manipulation.js index e9b1ee538..136260450 100644 --- a/src/manipulation.js +++ b/src/manipulation.js @@ -10,6 +10,7 @@ var rinlinejQuery = / jQuery\d+="(?:\d+|null)"/g, // checked="checked" or checked rchecked = /checked\s*(?:[^=]|=\s*.checked.)/i, rscriptType = /\/(java|ecma)script/i, + rcleanScript = /^\s*<!(?:\[CDATA\[|\-\-)/, wrapMap = { option: [ 1, "<select multiple='multiple'>", "</select>" ], legend: [ 1, "<fieldset>", "</fieldset>" ], @@ -500,7 +501,7 @@ jQuery.each({ function getAll( elem ) { if ( "getElementsByTagName" in elem ) { return elem.getElementsByTagName( "*" ); - + } else if ( "querySelectorAll" in elem ) { return elem.querySelectorAll( "*" ); @@ -738,7 +739,7 @@ function evalScript( i, elem ) { dataType: "script" }); } else { - jQuery.globalEval( elem.text || elem.textContent || elem.innerHTML || "" ); + jQuery.globalEval( ( elem.text || elem.textContent || elem.innerHTML || "" ).replace( rcleanScript, "/*$0*/" ) ); } if ( elem.parentNode ) { diff --git a/test/unit/manipulation.js b/test/unit/manipulation.js index 972cfaf91..0f980463f 100644 --- a/test/unit/manipulation.js +++ b/test/unit/manipulation.js @@ -1044,7 +1044,7 @@ test("clone(form element) (Bug #3879, #6655)", function() { equals( clone.is(":checked"), element.is(":checked"), "Checked input cloned correctly" ); equals( clone[0].defaultValue, "foo", "Checked input defaultValue cloned correctly" ); - + // defaultChecked also gets set now due to setAttribute in attr, is this check still valid? // equals( clone[0].defaultChecked, !jQuery.support.noCloneChecked, "Checked input defaultChecked cloned correctly" ); @@ -1396,3 +1396,21 @@ test("jQuery.buildFragment - no plain-text caching (Bug #6779)", function() { equals($f.text(), bad.join(""), "Cached strings that match Object properties"); $f.remove(); }); + +test( "jQuery.html - execute scripts escaped with html comment or CDATA (#9221)", function() { + expect( 2 ); + jQuery( [ + '<script type="text/javascript">', + '<!--', + 'ok( true, "<!-- handled" );', + '//-->', + '</script>' + ].join ( "\n" ) ).appendTo( "#qunit-fixture" ); + jQuery( [ + '<script type="text/javascript">', + '<![CDATA[', + 'ok( true, "<![CDATA[ handled" );', + '//]]>', + '</script>' + ].join ( "\n" ) ).appendTo( "#qunit-fixture" ); +}); |