#6765 closed bug (duplicate)
jQuery strips non type='text/javscript' script tags when cleaning fragments
Reported by: | johnferin | Owned by: | johnferin |
---|---|---|---|
Priority: | high | Milestone: | 1.next |
Component: | manipulation | Version: | 1.5 |
Keywords: | cleaning, escaping | Cc: | |
Blocked by: | Blocking: |
Description
On Line 4498
ret.splice.apply( ret, [i + 1, 0].concat(jQuery.makeArray(ret[i].getElementsByTagName("script"))) );
This will strip <script type='text/html'> tags.
An ugly solution for this is
ret.splice.apply( ret, [i + 1, 0].concat(jQuery.makeArray(ret[i].getElementsByTagName("script")).filter(function(i,n){ return i.type.toLowerCase() == 'text/javascript'})) );
Change History (6)
comment:1 Changed 13 years ago by
Component: | core → manipulation |
---|---|
Milestone: | 1.4.3 → 1.5 |
Owner: | set to johnferin |
Priority: | → low |
Status: | new → pending |
comment:2 Changed 13 years ago by
Status: | pending → closed |
---|
Automatically closed due to 14 days of inactivity.
comment:3 Changed 13 years ago by
There are more common MIME types for JavaScript: application/ecmascript, text/jscript, etc. [1][2] Also they can contain version identifiers: application/javascript;version=1.7 [3].
[1] http://msdn.microsoft.com/en-us/library/ms534701%28v=vs.85%29.aspx [2] https://developer.mozilla.org/En/HTML/Element/Script [3] https://developer.mozilla.org/en/new_in_javascript_1.7
comment:4 Changed 13 years ago by
Milestone: | 1.5 → 1.next |
---|---|
Status: | closed → reopened |
Version: | 1.4.2 → 1.5 |
comment:5 Changed 13 years ago by
Priority: | low → high |
---|---|
Resolution: | → duplicate |
Status: | reopened → closed |
I'd love a jsfiddle reduced test case on this so i can push it forward. Thanks!