Ruby on Rails | Screencasts | Download | Documentation | Weblog | Community | Source

Changeset 6501

Show
Ignore:
Timestamp:
04/03/07 22:21:58 (1 year ago)
Author:
madrobby
Message:

Prevent a crash on Safari on String.prototype.stripScripts and extractScripts with large <script> tags.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • spinoffs/prototype/trunk/CHANGELOG

    r6489 r6501  
    11*SVN* 
     2 
     3* Prevent a crash on Safari on String.prototyype.stripScripts and extractScripts with large <script> tags.  [Thomas Fuchs] 
    24 
    35* Prevent linefeed normalisation in String.prototype.escapeHTML and unescapeHTML on IE for consistency with other browsers. Speed optimizations for Safari and IE.  [Thomas Fuchs] 

  • spinoffs/prototype/trunk/src/prototype.js

    r6489 r6501  
    1818  }, 
    1919   
    20   ScriptFragment: '(?:<script.*?>)((\n|\r|.)*?)(?:<\/script>)', 
     20  ScriptFragment: '<script[^>]*>([\u0001-\uFFFF]*?)</script>', 
    2121  emptyFunction: function() {}, 
    2222  K: function(x) { return x } 

  • spinoffs/prototype/trunk/test/unit/dom.html

    r6475 r6501  
    271271// <![CDATA[ 
    272272 
    273   var testVar = 'to be updated'
     273  var testVar = 'to be updated', testVar2 = ''
    274274 
    275275  Element.addMethods("LI", { 
     
    365365 
    366366    testElementUpdateWithScript: function() {with(this) { 
    367       $('testdiv').update('hello from div!<script>testVar="hello!"</'+'script>'); 
     367      $('testdiv').update('hello from div!<script>\ntestVar="hello!";\n</'+'script>'); 
    368368      assertEqual('hello from div!',$('testdiv').innerHTML); 
    369369      wait(100,function(){ 
     
    376376        wait(100,function(){ 
    377377          assertEqual('another hello!',testVar); 
     378           
     379          Element.update('testdiv','a\n<script>testVar="a"\ntestVar="b"</'+'script>'); 
     380          wait(100,function(){ 
     381            assertEqual('b', testVar); 
     382             
     383            Element.update('testdiv', 
     384              'x<script>testVar2="a"</'+'script>\nblah\n'+ 
     385              'x<script>testVar2="b"</'+'script>'); 
     386            wait(100,function(){ 
     387              assertEqual('b', testVar2); 
     388            }); 
     389          }); 
    378390        }); 
    379391      }); 
     
    935947      assertEqual("orange juice", elem.orangeJuice()); 
    936948      assertEqual("orange juice", elem2.orangeJuice()); 
    937     }}     
     949    }}, 
     950     
     951    testScriptFragment: function() {with(this) { 
     952      var element = document.createElement('div'); 
     953      // tests an issue with Safari 2.0 crashing when the ScriptFragment 
     954      // regular expression is using a pipe-based approach for 
     955      // matching any character 
     956      ['\r','\n',' '].each(function(character){ 
     957        $(element).update("<script>"+character.times(10000)+"</scr"+"ipt>"); 
     958        assertEqual('', element.innerHTML); 
     959      }); 
     960      $(element).update("<script>var blah='"+'\\'.times(10000)+"'</scr"+"ipt>"); 
     961      assertEqual('', element.innerHTML); 
     962    }} 
    938963  }, 'testlog'); 
    939964