mirror of
https://github.com/jquery/jquery.git
synced 2024-10-05 11:34:18 +00:00
Manipulation: Only evaluate HTTP-successful script src
Fixes gh-4126 Closes gh-4243
This commit is contained in:
parent
4ffb1df8e4
commit
c2026b117d
@ -10,11 +10,16 @@ jQuery._evalUrl = function( url ) {
|
||||
|
||||
// Make this explicit, since user can override this through ajaxSetup (#11264)
|
||||
type: "GET",
|
||||
dataType: "script",
|
||||
dataType: "text",
|
||||
cache: true,
|
||||
async: false,
|
||||
global: false,
|
||||
"throws": true
|
||||
"throws": true,
|
||||
|
||||
// Only evaluate the response if it is successful (gh-4126)
|
||||
success: function( text ) {
|
||||
jQuery.globalEval( text );
|
||||
}
|
||||
} );
|
||||
};
|
||||
|
||||
|
@ -2818,3 +2818,20 @@ QUnit.test( "Insert script with data-URI (gh-1887)", 1, function( assert ) {
|
||||
done();
|
||||
}, 100 );
|
||||
} );
|
||||
|
||||
QUnit.test( "Ignore content from unsuccessful responses (gh-4126)", 1, function( assert ) {
|
||||
var globalEval = jQuery.globalEval;
|
||||
jQuery.globalEval = function( code ) {
|
||||
assert.ok( false, "no attempt to evaluate code from an unsuccessful response" );
|
||||
};
|
||||
|
||||
try {
|
||||
jQuery( "#qunit-fixture" ).append(
|
||||
"<script src='" + url( "mock.php?action=error" ) + "'/>" );
|
||||
assert.ok( true, "no error thrown from embedding script with unsuccessful-response src" );
|
||||
} catch ( e ) {
|
||||
throw e;
|
||||
} finally {
|
||||
jQuery.globalEval = globalEval;
|
||||
}
|
||||
} );
|
||||
|
Loading…
Reference in New Issue
Block a user