Bug Tracker

Opened 9 years ago

Closed 9 years ago

Last modified 9 years ago

#8054 closed bug (fixed)

Regex in ajaxPrefilter of JSON data type should not be valid

Reported by: Soul_Master@… Owned by: jaubourg
Priority: high Milestone: 1.5
Component: ajax Version: 1.5rc1
Keywords: Cc:
Blocked by: Blocking: #5812


jQuery.ajaxPrefilter( "json jsonp", function( s, originalSettings, dataIsString /* internal */ ) {

    dataIsString = ( typeof s.data === "string" );

    if ( s.dataTypes[ 0 ] === "jsonp" ||
        originalSettings.jsonpCallback ||
        originalSettings.jsonp != null ||
        s.jsonp !== false && ( jsre.test( s.url ) ||
                dataIsString && jsre.test( s.data ) ) ) {

From the above code, jQuery use jsre Regex to test current data. It return true when my data contain "?" symbol that is cause of bug when it process callback data as script instead of Json. The following code is my Json result that is generated by .NET JSON serializer. It can be correctly parsed when parser is parseJSON function instead of globalEval function.



Change History (7)

comment:1 Changed 9 years ago by Soul_Master@…

For more information, my current data of this AJAX is the following code.

s.data = "ID=ec833bf0-6f8a-4899-921e-f7cfa725ca4b&ProcessID=ba2746c6-82ae-4f77-8e54-2654a736e398&CreatedDate=25+%E0%B8%A1.%E0%B8%84.+2554&Side=3&OwnerID=805e298e-6700-4629-a7cf-2f94916eac6a&Status=1&AttachedDocID=c72af5fd-41cc-4da4-83f3-689867a1b272&Description=fsyiul%3Blm.%2Cm&FileName=%3F%3F%3F2.jpg&CourtLevel=1"

comment:2 Changed 9 years ago by jitter

Component: unfiledajax
Owner: set to Soul_Master@…
Status: newpending

Thanks for taking the time to contribute to the jQuery project by writing a bug report.

Please submit a reduced test case, which reproduces the issue you are experiencing, on http://jsfiddle.net. So that we can investigate this issue further.

How to report bugs

comment:3 Changed 9 years ago by jitter

Owner: changed from Soul_Master@… to jaubourg
Status: pendingassigned

comment:4 Changed 9 years ago by jitter

Priority: undecidedhigh

test case check the inline comments

Introduced with the fix for #4897.

Related reading http://tools.ietf.org/html/rfc2396

comment:5 Changed 9 years ago by jaubourg

Resolution: fixed
Status: assignedclosed

Fixes #8054 by reverting feature enhancement 5812 (4920). Regexps no longer searches for %3F in url or data to find jsonp callback placeholders.

Changeset: 325dcdc2ab05173f809b9d83af59918b3695cc23

comment:6 Changed 9 years ago by jaubourg

Blocking: 5812 added

(In #5812) This enhancement breaks legitimate uses of ? in url or data.

comment:7 Changed 9 years ago by jitter

Milestone: 1.next1.5
Note: See TracTickets for help on using tickets.