Side navigation
#8539 closed bug (fixed)
Opened March 16, 2011 06:11AM UTC
Closed October 13, 2011 03:12PM UTC
Sizzle cache collision in browsers without querySelectorAll
| Reported by: | jryans | Owned by: | timmywil |
|---|---|---|---|
| Priority: | high | Milestone: | 1.7 |
| Component: | selector | Version: | 1.5.1 |
| Keywords: | 1.7-discuss | Cc: | |
| Blocked by: | Blocking: |
Description
In browsers without querySelectorAll (IE 6, IE 7, FF 3.0), Sizzle marks the elements it encounters as seen for a particular selection run. The value used as a marker is an integer that comes from an internal counter which is incremented before each new selection, and these markers on left on the elements after selection completes.
This causes trouble when there are two copies of Sizzle on the page. Running a selection in Sizzle copy A sets the marker on a set of elements to 0. If you then run a selection in Sizzle copy B that passes through the same elements, Sizzle will assume it is safe to use a cached value at that point, since the stored marker of 0 matches copy B's marker for this run. This gives unexpected selection results.
See http://jsfiddle.net/uz4dt/6/ for a test case. The second test fails for browsers without querySelectorAll.
Attachments (0)
Change History (18)
Changed March 16, 2011 06:20AM UTC by comment:1
Changed March 30, 2011 05:31PM UTC by comment:2
Updating: https://github.com/jquery/sizzle/pull/53
(not reviewed)
Changed March 30, 2011 05:49PM UTC by comment:3
| owner: | → john |
|---|---|
| priority: | undecided → blocker |
| status: | new → assigned |
Changed March 30, 2011 07:32PM UTC by comment:4
| component: | unfiled → selector |
|---|
Changed May 22, 2011 07:27PM UTC by comment:5
| keywords: | → 1.7-discuss |
|---|
Nominating ticket for 1.7 discussion.
Changed May 22, 2011 09:29PM UTC by comment:6
| description: | In browsers without querySelectorAll (IE 6, IE 7, FF 3.0), Sizzle marks the elements it encounters as seen for a particular selection run. The value used as a marker is an integer that comes from an internal counter which is incremented before each new selection, and these markers on left on the elements after selection completes. \ \ This causes trouble when there are two copies of Sizzle on the page. Running a selection in Sizzle copy A sets the marker on a set of elements to 0. If you then run a selection in Sizzle copy B that passes through the same elements, Sizzle will assume it is safe to use a cached value at that point, since the stored marker of 0 matches copy B's marker for this run. This gives unexpected selection results. \ \ See http://jsfiddle.net/uz4dt/6/ for a test case. The second test fails for browsers without querySelectorAll. → In browsers without querySelectorAll (IE 6, IE 7, FF 3.0), Sizzle marks the elements it encounters as seen for a particular selection run. The value used as a marker is an integer that comes from an internal counter which is incremented before each new selection, and these markers on left on the elements after selection completes.\ \ This causes trouble when there are two copies of Sizzle on the page. Running a selection in Sizzle copy A sets the marker on a set of elements to 0. If you then run a selection in Sizzle copy B that passes through the same elements, Sizzle will assume it is safe to use a cached value at that point, since the stored marker of 0 matches copy B's marker for this run. This gives unexpected selection results.\ \ See http://jsfiddle.net/uz4dt/6/ for a test case. The second test fails for browsers without querySelectorAll. |
|---|
+1, Seems like a bug, should be fixed
Changed May 23, 2011 12:35AM UTC by comment:7
+1, Sizzle should have a mean to specify which counter field name to use, right?
Changed May 23, 2011 04:22AM UTC by comment:8
+1,
Changed May 24, 2011 09:20PM UTC by comment:9
| description: | In browsers without querySelectorAll (IE 6, IE 7, FF 3.0), Sizzle marks the elements it encounters as seen for a particular selection run. The value used as a marker is an integer that comes from an internal counter which is incremented before each new selection, and these markers on left on the elements after selection completes.\ \ This causes trouble when there are two copies of Sizzle on the page. Running a selection in Sizzle copy A sets the marker on a set of elements to 0. If you then run a selection in Sizzle copy B that passes through the same elements, Sizzle will assume it is safe to use a cached value at that point, since the stored marker of 0 matches copy B's marker for this run. This gives unexpected selection results.\ \ See http://jsfiddle.net/uz4dt/6/ for a test case. The second test fails for browsers without querySelectorAll. → In browsers without querySelectorAll (IE 6, IE 7, FF 3.0), Sizzle marks the elements it encounters as seen for a particular selection run. The value used as a marker is an integer that comes from an internal counter which is incremented before each new selection, and these markers on left on the elements after selection completes. \ \ This causes trouble when there are two copies of Sizzle on the page. Running a selection in Sizzle copy A sets the marker on a set of elements to 0. If you then run a selection in Sizzle copy B that passes through the same elements, Sizzle will assume it is safe to use a cached value at that point, since the stored marker of 0 matches copy B's marker for this run. This gives unexpected selection results. \ \ See http://jsfiddle.net/uz4dt/6/ for a test case. The second test fails for browsers without querySelectorAll. |
|---|
+1, although it would be preferable to ban IE6/7 from the planet.
Changed June 03, 2011 01:50PM UTC by comment:10
| description: | In browsers without querySelectorAll (IE 6, IE 7, FF 3.0), Sizzle marks the elements it encounters as seen for a particular selection run. The value used as a marker is an integer that comes from an internal counter which is incremented before each new selection, and these markers on left on the elements after selection completes. \ \ This causes trouble when there are two copies of Sizzle on the page. Running a selection in Sizzle copy A sets the marker on a set of elements to 0. If you then run a selection in Sizzle copy B that passes through the same elements, Sizzle will assume it is safe to use a cached value at that point, since the stored marker of 0 matches copy B's marker for this run. This gives unexpected selection results. \ \ See http://jsfiddle.net/uz4dt/6/ for a test case. The second test fails for browsers without querySelectorAll. → In browsers without querySelectorAll (IE 6, IE 7, FF 3.0), Sizzle marks the elements it encounters as seen for a particular selection run. The value used as a marker is an integer that comes from an internal counter which is incremented before each new selection, and these markers on left on the elements after selection completes.\ \ This causes trouble when there are two copies of Sizzle on the page. Running a selection in Sizzle copy A sets the marker on a set of elements to 0. If you then run a selection in Sizzle copy B that passes through the same elements, Sizzle will assume it is safe to use a cached value at that point, since the stored marker of 0 matches copy B's marker for this run. This gives unexpected selection results.\ \ See http://jsfiddle.net/uz4dt/6/ for a test case. The second test fails for browsers without querySelectorAll. |
|---|
+1, Not 100% keen on the currently proposed solution but yeah, seems like we can do something here.
Changed June 03, 2011 03:52PM UTC by comment:11
+1
Changed June 04, 2011 10:17PM UTC by comment:12
+1
Changed June 05, 2011 09:23PM UTC by comment:13
| description: | In browsers without querySelectorAll (IE 6, IE 7, FF 3.0), Sizzle marks the elements it encounters as seen for a particular selection run. The value used as a marker is an integer that comes from an internal counter which is incremented before each new selection, and these markers on left on the elements after selection completes.\ \ This causes trouble when there are two copies of Sizzle on the page. Running a selection in Sizzle copy A sets the marker on a set of elements to 0. If you then run a selection in Sizzle copy B that passes through the same elements, Sizzle will assume it is safe to use a cached value at that point, since the stored marker of 0 matches copy B's marker for this run. This gives unexpected selection results.\ \ See http://jsfiddle.net/uz4dt/6/ for a test case. The second test fails for browsers without querySelectorAll. → In browsers without querySelectorAll (IE 6, IE 7, FF 3.0), Sizzle marks the elements it encounters as seen for a particular selection run. The value used as a marker is an integer that comes from an internal counter which is incremented before each new selection, and these markers on left on the elements after selection completes. \ \ This causes trouble when there are two copies of Sizzle on the page. Running a selection in Sizzle copy A sets the marker on a set of elements to 0. If you then run a selection in Sizzle copy B that passes through the same elements, Sizzle will assume it is safe to use a cached value at that point, since the stored marker of 0 matches copy B's marker for this run. This gives unexpected selection results. \ \ See http://jsfiddle.net/uz4dt/6/ for a test case. The second test fails for browsers without querySelectorAll. |
|---|
+1
Changed July 12, 2011 02:47PM UTC by comment:14
| milestone: | 1.next → 1.7 |
|---|
Changed September 26, 2011 04:30PM UTC by comment:15
| owner: | john → timmywil |
|---|---|
| priority: | blocker → high |
Changed October 12, 2011 02:32PM UTC by comment:16
http://jsfiddle.net/timmywil/uz4dt/16/show/
The property on the element is just elem.sizcache. I'm thinking that should be like jQuery's expando, e.g.
sizzle340987234098230. Then done can stay a regular counter and we avoid collisions.
Changed October 12, 2011 03:20PM UTC by comment:17
oh, that's still linking to my local jquery. That can be changed to another jquery location if you'd like to see it working.
Changed October 13, 2011 03:12PM UTC by comment:18
| resolution: | → fixed |
|---|---|
| status: | assigned → closed |
Update sizzle; Add sizzle cache collision iframe test. Fixes #8539.
Changeset: 8723f3b9e1db5d4fdcd50624441fe3536d1ae2f2
https://github.com/jeresig/sizzle/pull/53