Skip to main content

Bug Tracker

Side navigation

#6765 closed bug (duplicate)

Opened July 05, 2010 06:39AM UTC

Closed February 05, 2011 01:00AM UTC

Last modified February 05, 2011 01:00AM UTC

jQuery strips non type='text/javscript' script tags when cleaning fragments

Reported by: johnferin Owned by: johnferin
Priority: high Milestone:
Component: manipulation Version: 1.5
Keywords: cleaning, escaping Cc:
Blocked by: Blocking:

On Line 4498

ret.splice.apply( ret, [i + 1, 0].concat(jQuery.makeArray(ret[i].getElementsByTagName("script"))) );

This will strip <script type='text/html'> tags.

An ugly solution for this is

ret.splice.apply( ret, [i + 1, 0].concat(jQuery.makeArray(ret[i].getElementsByTagName("script")).filter(function(i,n){ return i.type.toLowerCase() == 'text/javascript'})) );

Attachments (0)
Change History (6)

Changed October 23, 2010 10:43PM UTC by SlexAxton comment:1

component: coremanipulation
owner: → johnferin
priority: → low
status: newpending

I'd love a jsfiddle reduced test case on this so i can push it forward. Thanks!

Changed November 11, 2010 11:09PM UTC by trac-o-bot comment:2

status: pendingclosed

Automatically closed due to 14 days of inactivity.

Changed February 04, 2011 07:25PM UTC by anonymous comment:3

There are more common MIME types for JavaScript: application/ecmascript, text/jscript, etc. [1][2] Also they can contain version identifiers: application/javascript;version=1.7 [3].




Changed February 04, 2011 11:37PM UTC by jitter comment:4

status: closedreopened

Changed February 05, 2011 01:00AM UTC by jitter comment:5

priority: lowhigh
resolution: → duplicate
status: reopenedclosed

Changed February 05, 2011 01:00AM UTC by jitter comment:6

Duplicate of #6180.