Bug Tracker

Opened 13 years ago

Closed 13 years ago

Last modified 13 years ago

#8054 closed bug (fixed)

Regex in ajaxPrefilter of JSON data type should not be valid

Reported by: Soul_Master@… Owned by: jaubourg
Priority: high Milestone: 1.5
Component: ajax Version: 1.5rc1
Keywords: Cc:
Blocked by: Blocking: #5812


jQuery.ajaxPrefilter( "json jsonp", function( s, originalSettings, dataIsString /* internal */ ) {

    dataIsString = ( typeof s.data === "string" );

    if ( s.dataTypes[ 0 ] === "jsonp" ||
        originalSettings.jsonpCallback ||
        originalSettings.jsonp != null ||
        s.jsonp !== false && ( jsre.test( s.url ) ||
                dataIsString && jsre.test( s.data ) ) ) {

From the above code, jQuery use jsre Regex to test current data. It return true when my data contain "?" symbol that is cause of bug when it process callback data as script instead of Json. The following code is my Json result that is generated by .NET JSON serializer. It can be correctly parsed when parser is parseJSON function instead of globalEval function.



Change History (7)

comment:1 Changed 13 years ago by Soul_Master@…

For more information, my current data of this AJAX is the following code.

s.data = "ID=ec833bf0-6f8a-4899-921e-f7cfa725ca4b&ProcessID=ba2746c6-82ae-4f77-8e54-2654a736e398&CreatedDate=25+%E0%B8%A1.%E0%B8%84.+2554&Side=3&OwnerID=805e298e-6700-4629-a7cf-2f94916eac6a&Status=1&AttachedDocID=c72af5fd-41cc-4da4-83f3-689867a1b272&Description=fsyiul%3Blm.%2Cm&FileName=%3F%3F%3F2.jpg&CourtLevel=1"

comment:2 Changed 13 years ago by jitter

Component: unfiledajax
Owner: set to Soul_Master@…
Status: newpending

Thanks for taking the time to contribute to the jQuery project by writing a bug report.

Please submit a reduced test case, which reproduces the issue you are experiencing, on http://jsfiddle.net. So that we can investigate this issue further.

How to report bugs

comment:3 Changed 13 years ago by jitter

Owner: changed from Soul_Master@… to jaubourg
Status: pendingassigned

comment:4 Changed 13 years ago by jitter

Priority: undecidedhigh

test case check the inline comments

Introduced with the fix for #4897.

Related reading http://tools.ietf.org/html/rfc2396

comment:5 Changed 13 years ago by jaubourg

Resolution: fixed
Status: assignedclosed

Fixes #8054 by reverting feature enhancement 5812 (4920). Regexps no longer searches for %3F in url or data to find jsonp callback placeholders.

Changeset: 325dcdc2ab05173f809b9d83af59918b3695cc23

comment:6 Changed 13 years ago by jaubourg

Blocking: 5812 added

(In #5812) This enhancement breaks legitimate uses of ? in url or data.

comment:7 Changed 13 years ago by jitter

Milestone: 1.next1.5
Note: See TracTickets for help on using tickets.