Side navigation
#3733 closed bug (fixed)
Opened December 21, 2008 02:19PM UTC
Closed January 11, 2009 09:23PM UTC
.load() executes and destroy's <script> tags
| Reported by: | dante | Owned by: | flesler |
|---|---|---|---|
| Priority: | minor | Milestone: | 1.3 |
| Component: | core | Version: | 1.2.6 |
| Keywords: | Cc: | dante | |
| Blocked by: | Blocking: |
Description
The expected behavior across all browsers is to not execute
<script>tags with an unknown type="" attribute. jQuery is aggressively locating script tags in xhr content, executing them, and removing them from the DOM, despite what their type="" is. It is expected that the absence of a type indicates javascript (or has been the 'norm' all this time) but an invalid type has never executed.
<script type="not/javascript">should not execute as javascript. Just as
<script type="text/javascirpt">wouldn't run (spelling intentional)
This seems trivial nuance, but affects interoperability between Dojo and jQuery, again in trivial ways. Dojo has a "rapid prototype" technique that allows you to inherit functions from directly within a instance declaration:
<div dojoType="Thinger"><script type='dojo/method' event='onChange'>...</script></div>
When this content is loaded by standard xhr, the script is ignored. When loaded via .load(), jQuery executes and block, and removes the script, disallowing the widget it is meant to override from having access to it to bind the connections.
I'm happy with a wontfix here, provided we acknowledge the issue and document the quirk regarding the two libs. I would prefer to see jQuery only look for text/javascript or null type attribute, as the browsers do.
Test attached. break small <div> out to external html and load. Happy to do a patch if interested.
Attachments (2)
Change History (9)
Changed December 23, 2008 08:44PM UTC by comment:1
| cc: | → dante |
|---|---|
| owner: | → dmethvin |
| status: | new → assigned |
Changed December 23, 2008 08:44PM UTC by comment:2
| owner: | dmethvin → flesler |
|---|---|
| status: | assigned → new |
Changed December 24, 2008 10:19PM UTC by comment:3
I have created a patch that fixes this bug, see attachment bug-3733.patch - It simply checks for no type or type=text/javascript before adding for globalEval & removing from the DOM.
Changed December 25, 2008 10:21PM UTC by comment:4
I suppose something is wrong with 1.3 beta.
Older versions do work on situations like these:
jQuery('<script type="text/javascript">alert("a")</script>').appendTo('body')
jQuery('<div><script type="text/javascript">alert("a")</script></div>').appendTo('body')
Now they never execute at all.
Changed December 25, 2008 10:25PM UTC by comment:5
| status: | new → assigned |
|---|
Changed January 08, 2009 03:02AM UTC by comment:6
I've added an updated test case that breaks with 1.3b2 to ticket #3105, which also includes an example of this bug.
Changed January 11, 2009 07:33PM UTC by comment:7
| component: | ajax → core |
|---|---|
| resolution: | → fixed |
| status: | assigned → closed |
Fixed in SVN rev [6083].
Changed January 11, 2009 08:07PM UTC by comment:8
| resolution: | fixed |
|---|---|
| status: | closed → reopened |
need jQuery( "script", elem ).type.toLowerCase() for non-FF browsers.
I know "text/JavaScript" is wrong, but lots of people write this.
Changed January 11, 2009 09:23PM UTC by comment:9
| resolution: | → fixed |
|---|---|
| status: | reopened → closed |
Thanks cloudream, landed in [6085].
So to summarize the request: If a <script> has no type attribute or a type of "text/javascript" jQuery should execute and remove it; otherwise it should leave the script tag and content in situ.
IE allows script languages other than Javascript; since jQuery.globalEval forces the type to "text/javascript" we're doing the wrong thing for those anyway.