In `leverageNative`, instead of calling `event.stopImmediatePropagation()`
which would abort both native & jQuery handlers, set the wrapper's
`isImmediatePropagationStopped` property to a function returning `true`.
Since for each element + type pair jQuery attaches only one native handler,
there is also only one wrapper jQuery event so this achieves the goal:
on the target element jQuery handlers don't fire but native ones do.
Unfortunately, this workaround doesn't work for handlers on ancestors
- since the native event is re-wrapped by a jQuery one on each level of
the propagation, the only way to stop it for jQuery was to stop it for
everyone via native `stopPropagation()`. This is not a problem for
`focus`/`blur` which don't bubble, but it does also stop `click` on
checkboxes and radios. We accept this limitation.
Fixes gh-5015
Closes gh-5228
(cherry picked from commit 6ad3651dbf)
In IE (all versions), `focus` & `blur` handlers are fired asynchronously
but `focusin` & `focusout` are run synchronously. In other browsers, all
those handlers are fired synchronously. Asynchronous behavior of these
handlers in IE caused issues for IE (gh-4856, gh-4859).
We now simulate `focus` via `focusin` & `blur` via `focusout` in IE to avoid
these issues. This also let us simplify some tests.
This commit also simplifies `leverageNative` - with IE now using `focusin`
to simulate `focus` and `focusout` to simulate `blur`, we don't have to deal
with async events in `leverageNative`. This also fixes broken `focus` triggers
after first triggering it on a hidden element - previously, `leverageNative`
assumed that the native `focus` handler not firing after calling the native
`focus` method meant it would be handled later, asynchronously, which
was not the case (gh-4950).
To preserve relative `focusin`/`focus` & `focusout`/`blur` event order
guaranteed on the 3.x branch, attach a single handler for both events in IE.
A side effect of this is that to reduce size the `event/focusin` module
no longer exists and it's impossible to disable the `focusin` patch
in modern browsers via the jQuery custom build system.
Fixes gh-4856
Fixes gh-4859
Fixes gh-4950
Ref gh-5223
Closes gh-5224
Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
PR gh-5197 started treating all non-string non-plain-object
`data` values as binary. However, `jQuery.ajax` also supports
arrays as values of `data`. This change didn't land on `3.x-stable`;
however... Surprisingly, we had no tests for array `data` values.
This change backports a few such missing tests added in gh-5203.
Ref gh-5197
Ref gh-5203
PR gh-5046 erroneously changed AJAX deprecated event alias
usage in deprecated tests to `.on()` calls. This change
reverses this mistake.
Closes gh-5195
Ref gh-5046
(cherry picked from commit cff2899885)
Rename `jQuery.Deferred.getStackHook` to `jQuery.Deferred.getErrorHook`
to indicate passing an error instance is usually a better choice - it
works with source maps while a raw stack generally does not.
In jQuery `3.7.0`, we'll keep both names, marking the old one as
deprecated. In jQuery `4.0.0` we'll just keep the new one. This
change implements the `3.7.0` version; PR gh-5211 implements
the `4.0.0` one.
Fixes gh-5201
Closes gh-5212
Ref gh-5211
`CSS.supports( "selector(...)" )` has different semantics than selectors passed
to `querySelectorAll`. Apart from the fact that the former returns `false` for
unrecognized selectors and the latter throws, `qSA` is more forgiving and
accepts some invalid selectors, auto-correcting them where needed - for
example, mismatched brackers are auto-closed. This behavior difference is
breaking for many users.
To add to that, a recent CSSWG resolution made `:is()` & `:where()` the only
pseudos with forgiving parsing; browsers are in the process of making `:has()`
parsing unforgiving.
Taking all that into account, we go back to our previous try-catch approach
without relying on `CSS.supports( "selector(...)" )`. The only difference
is we detect forgiving parsing in `:has()` and mark the selector as buggy.
The PR also updates `playwright-webkit` so that we test against a version
of WebKit that already has non-forgiving `:has()`.
Fixes gh-5194
Closes gh-5207
Ref gh-5206
Ref gh-5098
Ref gh-5107
Ref w3c/csswg-drafts#7676
For older Safari/iOS we needed to add the `safari` UA check as their reported
`WebKit` version was not new enough. However, that check should have also
excluded Chrome which was missed in the first iteration. This has been fixed.
Also, fix code formatting in `test/unit/css.js`.
So far, we've been running browser tests on GitHub Actions in Chrome
and Firefox. Regular Safari is not available in GitHub Actions but
Playwright WebKit comes close to a dev version of Safari.
With this change, our GitHub CI & local test runs will invoke tests on
all actively developed browser engines on all PRs.
Also, our GitHub Actions browser tests are now running on Node.js 18.
Detection of the Playwright WebKit browser in support unit tests is done
by checking if the `test_browser` query parameter is set to `"Playwright"`;
this is a `karma-webkit-launcher` feature. Detecting that browser via
user agent as we normally do is hard as the UA on Linux is very similar
to a real Safari one but it actually uses a newer version of the engine.
In addition, we now allow to pass custom browsers when one needs it;
e.g., to run the tests in all three engines on Linux/macOS, run:
```
grunt && BROWSERS=ChromeHeadless,FirefoxHeadless,WebkitHeadless grunt karma:main
```
Closes gh-5190
(cherry picked from commit b02a257f98)
The `test/middleware-mockserver.js` file used to have the same ESLint
settings applied as other test files that are directly run in tested
browsers. Now it shares settings of other Node.js files.
The file is now also written using modern JS, leveraging ES2018.
Closes gh-5196
(cherry picked from commit ce90a48450)
A newly added test making sure a native selector containing
the `:valid` pseudo works when no jQuery-specific selectors
are used was failing in IE 9 as that browser lacks support
for this pseudo. This commit disables that test in IE 9.
Ref gh-5178
jQuery 3.6.2 started using `CSS.supports( "selector(SELECTOR)" )` before using
`querySelectorAll` on the selector. This was to solve gh-5098 - some selectors,
like `:has()`, now had their parameters parsed in a forgiving way, meaning
that `:has(:fakepseudo)` no longer throws but just returns 0 results, breaking
that jQuery mechanism.
A recent spec change made `CSS.supports( "selector(SELECTOR)" )` always use
non-forgiving parsing, allowing us to use this API for what we've used
`try-catch` before.
To solve the issue on the spec side for older jQuery versions, `:has()`
parameters are no longer using forgiving parsing in the latest spec update
but our new mechanism is more future-proof anyway.
However, the jQuery implementation has a bug - in
`CSS.supports( "selector(SELECTOR)" )`, `SELECTOR` needs to be
a `<complex-selector>` and not a `<complex-selector-list>`. Which means that
selector lists now skip `qSA` and go to the jQuery custom traversal:
```js
CSS.supports("selector(div:valid, span)"); // false
CSS.supports("selector(div:valid)"); // true
CSS.supports("selector(span)"); // true
```
To solve this, this commit wraps the selector list passed to
`CSS.supports( "selector(:is(SELECTOR))" )` with `:is`, making it a single
selector again.
See:
* https://w3c.github.io/csswg-drafts/css-conditional-4/#at-supports-ext
* https://w3c.github.io/csswg-drafts/selectors-4/#typedef-complex-selector
* https://w3c.github.io/csswg-drafts/selectors-4/#typedef-complex-selector-list
Fixes gh-5177
Closes gh-5178
Ref w3c/csswg-drafts#7280
(cherry picked from commit 09d988b774)
Some APIs, like `.prevAll()`, return elements in the reversed order, causing
confusing behavior when used with wrapping methods (see gh-5149 for more info)
To provide an easy workaround, this commit implements a chainable `uniqueSort`
method on jQuery objects, an equivalent of `jQuery.uniqueSort`.
Fixes gh-5166
Closes gh-5168
(cherry picked from commit 5266f23cf4)
This commit removes Sizzle from jQuery, inlining its code & removing obsolete
workarounds where applicable.
The Sizzle AUTHORS.txt file has been merged with the jQuery one - people are
sorted by their first contributions to either of the two repositories.
The main `selector` module can be disabled in favor of `selector-native`
via:
grunt custom:-selector
For backwards compatibility, the legacy `sizzle` alias is also supported (it
will be dropped in jQuery `4.0.0`):
grunt custom:-selector
Sizzle tests have been ported to jQuery ones. Ones that are not compatible
with the `selector-native` module are disabled if the regular selector module
is excluded.
Backwards compatibility is still kept for all `Sizzle` utils - they continue to be
available under `jQuery.find` - but the primary implementation is now attached
directly to jQuery.
Some selector utils shared by `selector` & `selector-native` have been
extracted & deduplicated. `jQuery.text` and `jQuery.isXMLDoc` have been
moved to the `core` module.
The commit reduces the gzipped jQuery size by 851 bytes compared to the
`3.x-stable` branch.
Closes gh-5113
Ref gh-4395
Ref gh-4406
The `<template/>` element `contents` property is a document fragment that may
have a `null` `documentElement`. In Safari 16 this happens in more cases due
to recent spec changes - in particular, even if that document fragment is
explicitly adopted into an outer document. We're testing both of those cases
now.
The crash used to happen in `jQuery.contains` which is an alias for
`Sizzle.contains` in jQuery 3.x.
The Sizzle fix is at jquery/sizzle#490, released in Sizzle `2.3.8`. This
version of Sizzle is included in the parent commit.
A fix similar to the one from gh-5158 has also been applied here to the
`selector-native` version.
Fixes gh-5147
Closes gh-5159
Ref jquery/sizzle#490
Ref gh-5158
Firefox 96-100 used to report the column number smaller by 2 than it should
in the `parsererror` element generated for invalid XML documents. Since that
version range is unsupported now and it includes no ESR versions, the workaround
can now be dropped.
Closes gh-5109
Ref gh-5018
(cherry picked from commit e7ffe1f135)
The spec requires that CSS variable values are trimmed. In browsers that do
this - mainly, Safari, but also Firefox if the value only has leading
whitespace - we currently return undefined; in other browsers, we return
an empty string as the logic to fall back to undefined happens before
trimming.
This commit adds another explicit callback to `undefined` to have it consistent
across browsers.
Also, more explicit comments about behaviors we need to work around in various
browsers have been added.
Closes gh-5120
Ref gh-5106
(cherry picked from commit 7eb0019640)
Accept "HTTP/2.0 200" as a valid `statusText` for successful requests
to make ajax tests pass in iOS 9. At this point, normalizing this in code
doesn't seem to make a lot of sense.
Closes gh-5121
Introduces a new test API, `includesModule`. The method returns whether
a particular module like "ajax" or "deprecated" is included in the current
jQuery build; it handles the slim build as well. The util was created so that
we don't treat presence of particular APIs to decide whether to run a test as
then if we accidentally remove an API, the tests would still not fail.
Closes gh-5071
Fixes gh-5069
Ref gh-5046
(partially cherry picked from commit fae5fee8b4)
This change makes jQuery skip falsy values in `addClass( array )`
& `removeClass( array )` instead of stopping iteration when the first falsy
value is detected. This makes code like:
```js
elem.addClass( [ "a", "", "b" ] );
```
add both the `a` & `b` classes.
The code was also optimized for size a bit so it doesn't increase the
minified gzipped size.
Fixes gh-4998
Closes gh-5003
(partially cherry picked from commit a338b407f2)
This is a version of gh-4993 for the `3.x-stable` branch.
The GitHub UI treats `#NUMBER` as referring to its own issues which is confusing
when in jQuery source it's usually referring to the old deprecated Trac instance
at https://bugs.jquery.com. This change replaces all such Trac references with
`trac-NUMBER`.
A few of the references came with the Sizzle integration and referred to the
Sizzle GitHub bug tracker. Those have been replaced with full links instead.
A new entry describing issue reference conventions has been added to README.
Closes gh-4994
Ref gh-4993
Ref 5d5ea01511
TestSwarm is now proxied via Cloudflare which cuts out headers relevant for
ETag tests, failing them. We're still running those tests in Karma on Chrome
& Firefox (including Firefox ESR).
Closes gh-4974
(cherry picked from commit 00c060d161)
In HTTP/2, status message is not supported and whatever is reported as
statusText differs between browsers. In Chrome & Safari it's "success", in
Firefox & IE it's "OK". So far "success" wasn't allowed. This made the tests
pass locally if you're running an HTTP/1.1 server but on TestSwarm which is
now proxied via an HTTP/2-equipped Cloudflare, the relevant test started failing
in Chrome & Safari.
Allow "success" to resolve the issue.
Closes gh-4973
(cherry picked from commit 19ced963c6)
Safari 9.1 & iOS 9.3 support CSS custom properties but that support
is buggy which crashes our tests. Disable those tests there.
See https://caniuse.com/css-variables
Closes gh-4966
The spec has recently changed and CSS Custom Properties values are trimmed now.
This change makes jQuery polyfill that new behavior for all browsers.
Ref w3c/csswg-drafts#774
Fixes gh-4926
Closes gh-4930
(partially cherry picked from commit efadfe991a)
For some reason the current setup worked fine with Apache but broke for me when
I migrated to nginx.
Closes gh-4936
(cherry picked from commit 1019074f7b)
When evaluating scripts, jQuery strips out the possible wrapping HTML comment
and a CDATA section. However, all supported browsers are already doing that
when loading JS via appending a script tag to the DOM which is how we've been
doing `jQuery.globalEval` since jQuery 3.0.0. jQuery logic was imperfect, e.g.
it just stripped the `<!--` and `-->` markers, respectively at the beginning or
the end of the script contents. However, browsers are also stripping everything
following those markers in the same line, treating them as single-line comments
delimiters; this is now also mandated by ECMAScript 2015 in Annex B. Instead
of fixing the jQuery logic, just let the browser do its thing.
We still need to strip CDATA sections for backwards compatibility. This
shouldn't be needed as in XML documents they're already not visible when
inspecting element contents and in HTML documents they have no meaning but
we're preserving that logic for backwards compatibility. This will be removed
completely in 4.0.
Fixes gh-4904
Closes gh-4905
Ref gh-4906
The `_default` function in the special event settings for focus/blur has
always returned `true` since gh-4813 as the event was already being fired
from `leverageNative`. However, that only works if there's an active handler
on that element; this made a quick consecutive call:
```js
elem.on( "focus", function() {} ).off( "focus" );
```
make subsequent `.trigger( "focus" )` calls to not do any triggering.
The solution, already used in a similar `_default` method for the `click` event,
is to check for the `dataPriv` entry on the element for the focus event
(similarly for blur).
Fixes gh-4867
Closes gh-4885
(cherry picked from commit e539bac79e)
All the other files were already taken from the external directory.
The fact core-js was taken from node_modules broke IE core tests on TestSwarm.
Ref gh-4865
Ref gh-4870
(partially cherry picked from 345cd22e56)
Only allow alphanumeric characters & underscores for callback parameters.
The change is done both for the PHP server as well as the Node.js-based version.
This is only test code so we're not fixing any security issue but it happens
often enough that the whole jQuery repository directory structure is deployed
onto the server with PHP enabled that it makes is easy to introduce security
issues if this cleanup is not done.
Ref gh-4764
Closes gh-4871
(cherry picked from a70274632d)
Two issues are fixed in testing for responses with a script Content-Type not
getting auto-executed unless an explicit `dataType: "script"` is provided:
* the test is now using a correct "text/javascript" Content-Type; it was using
"text/html" until now which doesn't really check if the fix works
* the Node.js based version of the tests didn't account for an empty `header`
query string parameter
Closes gh-4824
Ref gh-2432
Ref gh-2588
Ref 39cdb8c9aa
(cherry picked from commit d38528b17a)
Firefox incorrectly (or perhaps correctly) includes table borders in computed
dimensions, but they are the only one. Workaround this by testing for it and
falling back to offset properties
Fixes gh-4529
Closes gh-4807
Legacy Edge, similarly to IE, doesn't report XML parsing errors but just tries
to render the invalid document. Skip the error reporting test there, Edge Legacy
will return a generic "Invalid XML" error, just like IE.
Ref gh-4816
Changes:
* Remove incorrect `QUnit.testUnlessIE` usage as that util is only available
on `master`, not here.
* Change `firstCall.lastArg` to `firstCall.args[ 0 ]` as the former API is not
available in older Sinon versions.
If during a focus handler another focus event is triggered:
```js
elem1.on( "focus", function() {
elem2.trigger( "focus" );
} );
```
due to their synchronous nature everywhere outside of IE the hack added in
gh-4279 to leverage native events causes the native `.focus()` method to be
called last for the initial element, making it steal the focus back. Since
the native method is already being called in `leverageNative`, we can skip that
final call.
This aligns with changes to the `_default` method for the `click` event that
were added when `leverageNative` was introduced there.
A side effect of this change is that now `focusin` will only propagate to the
document for the last focused element. This is a change in behavior but it also
aligns us better with how this works with native methods.
Fixes gh-4382
Closes gh-4813
Ref gh-4279
(cherry picked from commit dbcffb396c)
In Chrome, if an element having a `focusout` handler is blurred by
clicking outside of it, it invokes the handler synchronously. If
that handler calls `.remove()` on the element, the data is cleared,
leaving private data undefined. We're reading a property from that
data so we need to guard against this.
Fixes gh-4417
Closes gh-4799
(cherry picked from commit 5c2d08704e)
This aligns the Node.js server with the previous PHP one in sending `mock.php`
as a callback if there's no `callback` parameter in the query string which is
triggered by a recently added test. This prevents the request crashing on that
Node.js server and printing a JS error:
```
TypeError: Cannot read property '1' of null
```
Closes gh-4764
Ref gh-4754
(cherry picked from commit df6858df2e)
The test has been already skipped in Chrome as it dropped support for such
requests and now Safari has joined the squad.
This will resolve AJAX test errors we've had for a while in Safari 13 & iOS 13.
Closes gh-4779
(cherry picked from commit c18dc49699)
Issue gh-4379 was meant to be a bug fix but the JSONP case is a bit special:
under the hood it's a script but it simulates JSON responses in an environment
without a CORS setup and sending JSON payloads on error responses is quite
typical there.
This commit makes JSONP error responses still execute the payload. The regular
script error responses continue to be skipped.
Fixes gh-4771
Closes gh-4773
(cherry picked from commit a1e619b03a)
iOS 8-12 parses `<noembed>` tags differently, executing this code. This is no
different to native behavior on that OS, though, so just accept it.
Ref gh-4685
Closes gh-4694
(cherry picked from commit 11066a9e6a)