Side navigation
Ticket #5048: jquery-1.3.2-jsonp-leak.patch
File jquery-1.3.2-jsonp-leak.patch, 1.6 KB (added by sigmunau, August 14, 2009 09:30AM UTC)
Index: include/platform/jquery/jquery-1.3.2.js
===================================================================
--- include/platform/jquery/jquery-1.3.2.js (revision 5351)
+++ include/platform/jquery/jquery-1.3.2.js (working copy)
@@ -3428,6 +3428,7 @@
// We need to make sure
// that a JSONP style response is executed properly
s.dataType = "script";
+ s._jsonp = jsonp;
// Handle JSONP-style loading
window[ jsonp ] = function(tmp){
@@ -3475,6 +3476,7 @@
var head = document.getElementsByTagName("head")[0];
var script = document.createElement("script");
+ s._script = script;
script.src = s.url;
if (s.scriptCharset)
script.charset = s.scriptCharset;
@@ -3511,11 +3513,16 @@
// Open the socket
// Passing null username, generates a login popup on Opera (#2865)
+ try {
if( s.username )
xhr.open(type, s.url, s.async, s.username, s.password);
else
xhr.open(type, s.url, s.async);
+ } catch(e) {
+ jQuery.handleError(s, xhr, "error");
+ }
+
// Need an extra try/catch for cross domain requests in Firefox 3
try {
// Set the correct header, if data is being sent
@@ -3674,6 +3681,14 @@
// Fire the global callback
if ( s.global )
jQuery.event.trigger( "ajaxError", [xhr, s, e] );
+ if( s.dataType == 'script') {
+ window[ s._jsonp ] = undefined;
+ try{ delete window[ s._jsonp ]; } catch(e){}
+ if ( s._script ) {
+ var head = document.getElementsByTagName("head")[0];
+ head.removeChild( s._script );
+ }
+ }
},
// Counter for holding the number of active queries
Download in other formats:
Original Format
File jquery-1.3.2-jsonp-leak.patch, 1.6 KB (added by sigmunau, August 14, 2009 09:30AM UTC)
Index: include/platform/jquery/jquery-1.3.2.js
===================================================================
--- include/platform/jquery/jquery-1.3.2.js (revision 5351)
+++ include/platform/jquery/jquery-1.3.2.js (working copy)
@@ -3428,6 +3428,7 @@
// We need to make sure
// that a JSONP style response is executed properly
s.dataType = "script";
+ s._jsonp = jsonp;
// Handle JSONP-style loading
window[ jsonp ] = function(tmp){
@@ -3475,6 +3476,7 @@
var head = document.getElementsByTagName("head")[0];
var script = document.createElement("script");
+ s._script = script;
script.src = s.url;
if (s.scriptCharset)
script.charset = s.scriptCharset;
@@ -3511,11 +3513,16 @@
// Open the socket
// Passing null username, generates a login popup on Opera (#2865)
+ try {
if( s.username )
xhr.open(type, s.url, s.async, s.username, s.password);
else
xhr.open(type, s.url, s.async);
+ } catch(e) {
+ jQuery.handleError(s, xhr, "error");
+ }
+
// Need an extra try/catch for cross domain requests in Firefox 3
try {
// Set the correct header, if data is being sent
@@ -3674,6 +3681,14 @@
// Fire the global callback
if ( s.global )
jQuery.event.trigger( "ajaxError", [xhr, s, e] );
+ if( s.dataType == 'script') {
+ window[ s._jsonp ] = undefined;
+ try{ delete window[ s._jsonp ]; } catch(e){}
+ if ( s._script ) {
+ var head = document.getElementsByTagName("head")[0];
+ head.removeChild( s._script );
+ }
+ }
},
// Counter for holding the number of active queries