mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Fix mistake in JS response parser:
- Restore ability to accept ecmascript JS response should not modify DOM.
This commit is contained in:
parent
faca40dfd4
commit
db65f73f2e
2 changed files with 31 additions and 3 deletions
|
@ -64,10 +64,10 @@ processResponse = (response, type) ->
|
|||
if typeof response is 'string' and typeof type is 'string'
|
||||
if type.match(/\bjson\b/)
|
||||
try response = JSON.parse(response)
|
||||
else if type.match(/\bjavascript\b/)
|
||||
else if type.match(/\b(?:java|ecma)script\b/)
|
||||
script = document.createElement('script')
|
||||
script.innerHTML = response
|
||||
document.body.appendChild(script)
|
||||
script.text = response
|
||||
document.head.appendChild(script).parentNode.removeChild(script)
|
||||
else if type.match(/\b(xml|html|svg)\b/)
|
||||
parser = new DOMParser()
|
||||
type = type.replace(/;.+/, '') # remove something like ';charset=utf-8'
|
||||
|
|
|
@ -100,6 +100,34 @@ asyncTest('JS code should be executed', 1, function() {
|
|||
submit()
|
||||
})
|
||||
|
||||
asyncTest('ecmascript code should be executed', 1, function() {
|
||||
buildForm({ method: 'post', 'data-type': 'script' })
|
||||
|
||||
$('form').append('<input type="text" name="content_type" value="application/ecmascript">')
|
||||
$('form').append('<input type="text" name="content" value="ok(true, \'remote code should be run\')">')
|
||||
|
||||
submit()
|
||||
})
|
||||
|
||||
asyncTest('execution of JS code does not modify current DOM', 1, function() {
|
||||
var docLength, newDocLength
|
||||
function getDocLength() {
|
||||
return document.documentElement.outerHTML.length
|
||||
}
|
||||
|
||||
buildForm({ method: 'post', 'data-type': 'script' })
|
||||
|
||||
$('form').append('<input type="text" name="content_type" value="text/javascript">')
|
||||
$('form').append('<input type="text" name="content" value="\'remote code should be run\'">')
|
||||
|
||||
docLength = getDocLength()
|
||||
|
||||
submit(function() {
|
||||
newDocLength = getDocLength()
|
||||
ok(docLength === newDocLength, 'executed JS should not present in the document')
|
||||
})
|
||||
})
|
||||
|
||||
asyncTest('XML document should be parsed', 1, function() {
|
||||
buildForm({ method: 'post', 'data-type': 'html' })
|
||||
|
||||
|
|
Loading…
Reference in a new issue