jQuery.ajax: make `dataType: "script"` not execute scripts on unsuccessful HTTP status #4250
Labels
Milestone
Comments
mgol
changed the title
skrobinson
added a commit
to skrobinson/jquery
that referenced
this issue
Apr 19, 2019
The content returned in an error response may not be valid Javascript. I first saw this when trying to retrieve a missing script file, the server replied with HTTP 404 and an HTML page detailing the error. So the error which appeared on the console was "SyntaxError: expected expression, got '<'" because the browser was attempting to parse the error page as a script file. Fixes jquerygh-4250 Signed-off-by: Sean Robinson <sean.robinson@scottsdalecc.edu>
skrobinson
added a commit
to skrobinson/jquery
that referenced
this issue
Apr 19, 2019
The content returned in an error response may not be valid Javascript. I first saw this when trying to retrieve a missing script file, the server replied with HTTP 404 and an HTML page detailing the error. So the error which appeared on the console was "SyntaxError: expected expression, got '<'" because the browser was attempting to parse the error page as a script file. Fixes jquerygh-4250 Signed-off-by: Sean Robinson <sean.robinson@scottsdalecc.edu>
|
I have a possible fix and a test case in commit 6716b75. |
|
@skrobinson Your patch skips converters completely for unsuccessful responses; this is not right, it doesn't pass our test suite. The proper fix will most likely require generalizing what was done in #4243 so that the logic is applied to all requests with |
skrobinson
added a commit
to skrobinson/jquery
that referenced
this issue
Apr 26, 2019
Unsuccessful responses may not contain text convertible to the intended type (e.g. json, script, etc.) using the normal converter. The two added test cases only check for `dataType: "script"`. Fixes jquerygh-4250 Signed-off-by: Sean Robinson <sean.robinson@scottsdalecc.edu>
|
@skrobinson Let us know if you need any help/direction! (or if you don't have time to submit a PR so that we know we should look at it ourselves) |
skrobinson
added a commit
to skrobinson/jquery
that referenced
this issue
Jun 12, 2019
While trying to improve my fix for jquerygh-4250, I needed a failing service. This will be parked on a side branch until it is ever needed. Which may be never. Signed-off-by: Sean Robinson <sean.robinson@scottsdalecc.edu>
skrobinson
added a commit
to skrobinson/jquery
that referenced
this issue
Sep 6, 2019
Unsuccessful responses may not contain text convertible to the intended type (e.g. json, script, etc.) using the normal converter. The two added test cases only check for `dataType: "script"`. Fixes jquerygh-4250 Signed-off-by: Sean Robinson <sean.robinson@scottsdalecc.edu>
skrobinson
added a commit
to skrobinson/jquery
that referenced
this issue
Sep 6, 2019
Unsuccessful responses may not contain text convertible to the intended type (e.g. json, script, etc.) using the normal converter. The two added test cases only check for `dataType: "script"`. Fixes jquerygh-4250 Signed-off-by: Sean Robinson <sean.robinson@scottsdalecc.edu>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Description
A followup of PR #4243 and an extension of issue #4126. We should stop evaluating scripts returned with an unsuccessful HTTP status when loaded via
jQuery.ajaxwithdataType: "script". The fix in #4243 only targets DOM manipulation.Link to test case
The text was updated successfully, but these errors were encountered: