Skip to main content

Bug Tracker

Side navigation

#6765 closed bug (duplicate)

Opened July 05, 2010 06:39AM UTC

Closed February 05, 2011 01:00AM UTC

Last modified February 05, 2011 01:00AM UTC

jQuery strips non type='text/javscript' script tags when cleaning fragments

Reported by: johnferin Owned by: johnferin
Priority: high Milestone: 1.next
Component: manipulation Version: 1.5
Keywords: cleaning, escaping Cc:
Blocked by: Blocking:
Description

On Line 4498

ret.splice.apply( ret, [i + 1, 0].concat(jQuery.makeArray(ret[i].getElementsByTagName("script"))) );

This will strip <script type='text/html'> tags.

An ugly solution for this is

ret.splice.apply( ret, [i + 1, 0].concat(jQuery.makeArray(ret[i].getElementsByTagName("script")).filter(function(i,n){ return i.type.toLowerCase() == 'text/javascript'})) );

Attachments (0)
Change History (6)

Changed October 23, 2010 10:43PM UTC by SlexAxton comment:1

component: coremanipulation
milestone: 1.4.31.5
owner: → johnferin
priority: → low
status: newpending

I'd love a jsfiddle reduced test case on this so i can push it forward. Thanks!

Changed November 11, 2010 11:09PM UTC by trac-o-bot comment:2

status: pendingclosed

Automatically closed due to 14 days of inactivity.

Changed February 04, 2011 07:25PM UTC by anonymous comment:3

There are more common MIME types for JavaScript: application/ecmascript, text/jscript, etc. [1][2] Also they can contain version identifiers: application/javascript;version=1.7 [3].

[1] http://msdn.microsoft.com/en-us/library/ms534701%28v=vs.85%29.aspx

[2] https://developer.mozilla.org/En/HTML/Element/Script

[3] https://developer.mozilla.org/en/new_in_javascript_1.7

Changed February 04, 2011 11:37PM UTC by jitter comment:4

milestone: 1.51.next
status: closedreopened
version: 1.4.21.5

Changed February 05, 2011 01:00AM UTC by jitter comment:5

priority: lowhigh
resolution: → duplicate
status: reopenedclosed

Changed February 05, 2011 01:00AM UTC by jitter comment:6

Duplicate of #6180.