#6765 closed bug (duplicate)
jQuery strips non type='text/javscript' script tags when cleaning fragments
| Reported by: | johnferin | Owned by: | johnferin |
|---|---|---|---|
| Priority: | high | Milestone: | 1.next |
| Component: | manipulation | Version: | 1.5 |
| Keywords: | cleaning, escaping | Cc: | |
| Blocked by: | Blocking: |
Description
On Line 4498
ret.splice.apply( ret, [i + 1, 0].concat(jQuery.makeArray(ret[i].getElementsByTagName("script"))) );
This will strip <script type='text/html'> tags.
An ugly solution for this is
ret.splice.apply( ret, [i + 1, 0].concat(jQuery.makeArray(ret[i].getElementsByTagName("script")).filter(function(i,n){ return i.type.toLowerCase() == 'text/javascript'})) );
Change History (6)
comment:1 Changed 13 years ago by
| Component: | core → manipulation |
|---|---|
| Milestone: | 1.4.3 → 1.5 |
| Owner: | set to johnferin |
| Priority: | → low |
| Status: | new → pending |
comment:2 Changed 13 years ago by
| Status: | pending → closed |
|---|
Automatically closed due to 14 days of inactivity.
comment:3 Changed 13 years ago by
There are more common MIME types for JavaScript: application/ecmascript, text/jscript, etc. [1][2] Also they can contain version identifiers: application/javascript;version=1.7 [3].
[1] http://msdn.microsoft.com/en-us/library/ms534701%28v=vs.85%29.aspx [2] https://developer.mozilla.org/En/HTML/Element/Script [3] https://developer.mozilla.org/en/new_in_javascript_1.7
comment:4 Changed 13 years ago by
| Milestone: | 1.5 → 1.next |
|---|---|
| Status: | closed → reopened |
| Version: | 1.4.2 → 1.5 |
comment:5 Changed 13 years ago by
| Priority: | low → high |
|---|---|
| Resolution: | → duplicate |
| Status: | reopened → closed |
I'd love a jsfiddle reduced test case on this so i can push it forward. Thanks!