<script language="JavaScript">
<!--
function _AN_global_var_init(){
	_AN_this_url = "/prx/000/";
	_AN_base_scheme = "https";
	_AN_base_host = "https://github.com";
	_AN_base_path = "https://github.com/cowboy/jquery-bbq/compare/";
	_AN_encode_urls = 0;
	_AN_mpo = 1;
	_AN_md = 0;
	_AN_rel_urls = 1;
	_AN_nav_switch = 0;
	_AN_nav_allowurl = 1;
	_AN_nav_override = 0;
	_AN_has_iframe = 1;
	_AN_dbg_flags = null;
	_AN_nav_use_aaa = 1;
	_AN_expires_pass = 0;
	_AN_wrap_evthandlers = 0;
	_AN_rewrite_param_exact = 0;
	_AN_obj_params = {};
} 
_AN_global_var_init();
//-->
</script>
<script language="JavaScript" src="/prx/001/http/localh/an_util.js"></script>
<script language="JavaScript" src="/prx/001/http/localh/NSLib.js"></script>

diff --git a/jquery.ba-bbq.js b/jquery.ba-bbq.js
index 3a5995d..c054e20 100644
--- a/jquery.ba-bbq.js
+++ b/jquery.ba-bbq.js
@@ -6,6 +6,15 @@
  * Dual licensed under the MIT and GPL licenses.
  * http://benalman.com/about/license/
  */
+ 
+/*
+ * Additional changes to this file:
+ * - Removed support for IE8 and below https://github.com/cowboy/jquery-bbq/pull/48
+ * - Fixed prototype pollution (CVE-2021-20086) https://github.com/cowboy/jquery-bbq/pull/61
+ * - Minified with `uglifyjs jquery.ba-bbq.js --compress --comments -o jquery.ba-bbq.min.js`
+ *
+ * See Yii Framework which is also maintaining a fork: https://github.com/yiisoft/yii/pull/4563
+ */
 
 // Script: jQuery BBQ: Back Button & Query Library
 //
@@ -464,7 +473,7 @@
   //  (Object) An object representing the deserialized params string.
   
   $.deparam = jq_deparam = function( params, coerce ) {
-    var obj = {},
+    var obj = Object.create(null),
       coerce_types = { 'true': !0, 'false': !1, 'null': null };
     
     // Iterate over all name=value pairs.
@@ -521,7 +530,7 @@
           for ( ; i <= keys_last; i++ ) {
             key = keys[i] === '' ? cur.length : keys[i];
             cur = cur[key] = i < keys_last
-              ? cur[key] || ( keys[i+1] && isNaN( keys[i+1] ) ? {} : [] )
+              ? cur[key] || ( keys[i+1] && isNaN( keys[i+1] ) ? Object.create(null) : [] )
               : val;
           }
           
@@ -1281,96 +1290,6 @@
       timeout_id = setTimeout( poll, $.fn[ str_hashchange ].delay );
     };
     
-    // vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
-    // vvvvvvvvvvvvvvvvvvv REMOVE IF NOT SUPPORTING IE6/7/8 vvvvvvvvvvvvvvvvvvv
-    // vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
-    $.browser.msie && !supports_onhashchange && (function(){
-      // Not only do IE6/7 need the "magical" Iframe treatment, but so does IE8
-      // when running in "IE7 compatibility" mode.
-      
-      var iframe,
-        iframe_src;
-      
-      // When the event is bound and polling starts in IE 6/7, create a hidden
-      // Iframe for history handling.
-      self.start = function(){
-        if ( !iframe ) {
-          iframe_src = $.fn[ str_hashchange ].src;
-          iframe_src = iframe_src && iframe_src + get_fragment();
-          
-          // Create hidden Iframe. Attempt to make Iframe as hidden as possible
-          // by using techniques from http://www.paciellogroup.com/blog/?p=604.
-          iframe = $('<iframe tabindex="-1" title="empty" s r />').hide()
-            
-            // When Iframe has completely loaded, initialize the history and
-            // start polling.
-            .one( 'load', function(){
-              iframe_src || history_set( get_fragment() );
-              poll();
-            })
-            
-            // Load Iframe src if specified, otherwise nothing.
-            .attr( 'src', iframe_src || 'javascript:0' )
-            
-            // Append Iframe after the end of the body to prevent unnecessary
-            // initial page scrolling (yes, this works).
-            .insertAfter( 'body' )[0].contentWindow;
-          
-          // Whenever `document.title` changes, update the Iframe's title to
-          // prettify the back/next history menu entries. Since IE sometimes
-          // errors with "Unspecified error" the very first time this is set
-          // (yes, very useful) wrap this with a try/catch block.
-          doc.onpropertychange = function(){
-            try {
-              if ( event.propertyName === 'title' ) {
-                iframe.document.title = doc.title;
-              }
-            } catch(e) {}
-          };
-          
-        }
-      };
-      
-      // Override the "stop" method since an IE6/7 Iframe was created. Even
-      // if there are no longer any bound event handlers, the polling loop
-      // is still necessary for back/next to work at all!
-      self.stop = fn_retval;
-      
-      // Get history by looking at the hidden Iframe's location.hash.
-      history_get = function() {
-        return get_fragment( iframe.location.href );
-      };
-      
-      // Set a new history item by opening and then closing the Iframe
-      // document, *then* setting its location.hash. If document.domain has
-      // been set, update that as well.
-      history_set = function( hash, history_hash ) {
-        var iframe_doc = iframe.document,
-          domain = $.fn[ str_hashchange ].domain;
-        
-        if ( hash !== history_hash ) {
-          // Update Iframe with any initial `document.title` that might be set.
-          iframe_doc.title = doc.title;
-          
-          // Opening the Iframe's document after it has been closed is what
-          // actually adds a history entry.
-          iframe_doc.open();
-          
-          // Set document.domain for the Iframe document as well, if necessary.
-          domain && iframe_doc.write( '<script>
_AN_Write_domain('domain', document, false , "' + domain + '"); 
</script>' );
-          
-          iframe_doc.close();
-          
-          // Update the Iframe's hash, for great justice.
-          iframe.location.hash = hash;
-        }
-      };
-      
-    })();
-    // ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-    // ^^^^^^^^^^^^^^^^^^^ REMOVE IF NOT SUPPORTING IE6/7/8 ^^^^^^^^^^^^^^^^^^^
-    // ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-    
     return self;
   })();
   
diff --git a/jquery.ba-bbq.min.js b/jquery.ba-bbq.min.js
index 80de36f..c1f55f5 100644
--- a/jquery.ba-bbq.min.js
+++ b/jquery.ba-bbq.min.js
@@ -1,18 +1,25 @@
 /*
- * jQuery BBQ: Back Button & Query Library - v1.3pre - 8/26/2010
+ * jQuery BBQ: Back Button & Query Library - v1.4pre - 1/15/2013
  * http://benalman.com/projects/jquery-bbq-plugin/
- * 
+ *
  * Copyright (c) 2010 "Cowboy" Ben Alman
  * Dual licensed under the MIT and GPL licenses.
  * http://benalman.com/about/license/
  */
-(function($,r){var h,n=Array.prototype.slice,t=decodeURIComponent,a=$.param,j,c,m,y,b=$.bbq=$.bbq||{},s,x,k,e=$.event.special,d="hashchange",B="querystring",F="fragment",z="elemUrlAttr",l="href",w="src",p=/^.*\?|#.*$/g,u,H,g,i,C,E={};function G(I){return typeof I==="string"}function D(J){var I=n.call(arguments,1);return function(){return J.apply(this,I.concat(n.call(arguments)))}}function o(I){return I.replace(H,"$2")}function q(I){return I.replace(/(?:^[^?#]*\?([^#]*).*$)?.*/,"$1")}function f(K,P,I,L,J){var R,O,N,Q,M;if(L!==h){N=I.match(K?H:/^([^#?]*)\??([^#]*)(#?.*)/);M=N[3]||"";if(J===2&&G(L)){O=L.replace(K?u:p,"")}else{Q=m(N[2]);L=G(L)?m[K?F:B](L):L;O=J===2?L:J===1?$.extend({},L,Q):$.extend({},Q,L);O=j(O);if(K){O=O.replace(g,t)}}R=N[1]+(K?C:O||!N[1]?"?":"")+O+M}else{R=P(I!==h?I:location.href)}return R}a[B]=D(f,0,q);a[F]=c=D(f,1,o);a.sorted=j=function(J,K){var I=[],L={};$.each(a(J,K).split("&"),function(P,M){var O=M.replace(/(?:%5B|=).*$/,""),N=L[O];if(!N){N=L[O]=[];I.push(O)}N.push(M)});return $.map(I.sort(),function(M){return L[M]}).join("&")};c.noEscape=function(J){J=J||"";var I=$.map(J.split(""),encodeURIComponent);g=new RegExp(I.join("|"),"g")};c.noEscape(",/");c.ajaxCrawlable=function(I){if(I!==h){if(I){u=/^.*(?:#!|#)/;H=/^([^#]*)(?:#!|#)?(.*)$/;C="#!"}else{u=/^.*#/;H=/^([^#]*)#?(.*)$/;C="#"}i=!!I}return i};c.ajaxCrawlable(0);$.deparam=m=function(L,I){var K={},J={"true":!0,"false":!1,"null":null};$.each(L.replace(/\+/g," ").split("&"),function(O,T){var N=T.split("="),S=t(N[0]),M,R=K,P=0,U=S.split("]["),Q=U.length-1;if(/\[/.test(U[0])&&/\]$/.test(U[Q])){U[Q]=U[Q].replace(/\]$/,"");U=U.shift().split("[").concat(U);Q=U.length-1}else{Q=0}if(N.length===2){M=t(N[1]);if(I){M=M&&!isNaN(M)?+M:M==="undefined"?h:J[M]!==h?J[M]:M}if(Q){for(;P<=Q;P++){S=U[P]===""?R.length:U[P];R=R[S]=P<Q?R[S]||(U[P+1]&&isNaN(U[P+1])?{}:[]):M}}else{if($.isArray(K[S])){K[S].push(M)}else{if(K[S]!==h){K[S]=[K[S],M]}else{K[S]=M}}}}else{if(S){K[S]=I?h:""}}});return K};function A(K,I,J){if(I="==h||typeof" I='=="boolean"){J=I;I=a[K?F:B]()}else{I=G(I)?I.replace(K?u:p,""):I}return' m(I,J)}m[B="D(A,0);m[F]=y=D(A,1);$[z]||($[z]=function(I){return" $.extend(E,I)})({a:l,base:l,iframe:w,img:w,input:w,form action ,link:l,script:w});k="$[z];function" v(L,J,K,I){if(!G(K)&&typeof K='="object"){I=K;K=J;J=h}return' this.each(function(){var O='$(this),M=J||k()[(this.nodeName||"").toLowerCase()]||"",N=M&&O.attr(M)||"";O.attr(M,a[L](N,K,I))})}$.fn[B]=D(v,B);$.fn[F]=D(v,F);b.pushState=s=function(L,I){if(G(L)&&/^#/.test(L)&&I===h){I=2}var' K="L!==h,J=c(location.href,K?L:{},K?I:2);location.href=J};b.getState=x=function(I,J){return" I="==h||typeof" I='=="boolean"?y(I):y(J)[I]};b.removeState=function(I){var' J="{};if(I!==h){J=x();$.each($.isArray(I)?I:arguments,function(L,K){delete" J[K]})}s(J,2)};e[d="$.extend(e[d],{add:function(I){var" K;function J(M){var L="M[F]=c();M.getState=function(N,O){return" N="==h||typeof" N='=="boolean"?m(L,N):m(L,O)[N]};K.apply(this,arguments)}if($.isFunction(I)){K=I;return' J}else{K="I.handler;I.handler=J}}})})(jQuery,this);" * jQuery hashchange event - v1.3 - 7/21/2010 * http://benalman.com/projects/jquery-hashchange-plugin - * + * * Copyright (c 2010 Cowboy Ben Alman * Dual licensed under the MIT and GPL licenses * http://benalman.com/about/license * -(function($,e,b){var c="hashchange" ,h='document,f,g=$.event.special,i=h.documentMode,d="on"+c' in e&&(i="==b||i" />7);function a(j){j=j||location.href;return"#"+j.replace(/^[^#]*#?(.*)$/,"$1")}$.fn[c]=function(j){return j?this.bind(c,j):this.trigger(c)};$.fn[c].delay=50;g[c]=$.extend(g[c],{setup:function(){if(d){return false}$(f.start)},teardown:function(){if(d){return false}$(f.stop)}});f=(function(){var j={},p,m=a(),k=function(q){return q},l=k,o=k;j.start=function(){p||n()};j.stop=function(){p&&clearTimeout(p);p=b};function n(){var r=a(),q=o(m);if(r!==m){l(m=r,q);$(e).trigger(c)}else{if(q!==m){location.href=location.href.replace(/#.*/,"")+q}}p=setTimeout(n,$.fn[c].delay)}$.browser.msie&&!d&&(function(){var q,r;j.start=function(){if(!q){r=$.fn[c].src;r=r&&r+a();q=$('<iframe tabindex="-1" title="empty" s r />').hide().one("load",function(){r||l(a());n()}).attr("src",r||"javascript:0").insertAfter("body")[0].contentWindow;h.onpropertychange=function(){try{if(event.propertyName==="title"){q.document.title=h.title}}catch(s){}}}};j.stop=k;o=function(){return a(q.location.href)};l=function(v,s){var u=q.document,t=$.fn[c].domain;if(v!==s){u.title=h.title;u.open();t&&u.write('<script>
</script>document.domain="'+t+'"<\/script>');u.close();q.location.hash=v}}})();return j})()})(jQuery,this);
\ No newline at end of file
+/*
+ * Additional changes to this file:
+ * - Removed support for IE8 and below https://github.com/cowboy/jquery-bbq/pull/48
+ * - Fixed prototype pollution (CVE-2021-20086) https://github.com/cowboy/jquery-bbq/pull/61
+ * - Minified with `uglifyjs jquery.ba-bbq.js --compress --comments -o jquery.ba-bbq.min.js`
+ *
+ * See Yii Framework which is also maintaining a fork: https://github.com/yiisoft/yii/pull/4563
+ */
+($=>{var jq_param_sorted,jq_param_fragment,jq_deparam,jq_deparam_fragment,jq_bbq_pushState,jq_bbq_getState,jq_elemUrlAttr,re_params_fragment,re_fragment,re_no_escape,ajax_crawlable,fragment_prefix,aps=Array.prototype.slice,decode=decodeURIComponent,jq_param=$.param,jq_bbq=$.bbq=$.bbq||{},special=$.event.special,re_params_querystring=/^.*\?|#.*$/g,elemUrlAttr_cache={};function is_string(arg){return"string"==typeof arg}function curry(func){var args=aps.call(arguments,1);return function(){return func.apply(this,args.concat(aps.call(arguments)))}}function jq_param_sub(is_fragment,get_func,url,params,merge_mode){var qs,matches,url_params,hash,merge_mode=void 0!==params?(hash=(matches=url.match(is_fragment?re_fragment:/^([^#?]*)\??([^#]*)(#?.*)/))[3]||"",2===merge_mode&&is_string(params)?qs=params.replace(is_fragment?re_params_fragment:re_params_querystring,""):(url_params=jq_deparam(matches[2]),params=is_string(params)?jq_deparam[is_fragment?"fragment":"querystring"](params):params,qs=2===merge_mode?params:1===merge_mode?$.extend({},params,url_params):$.extend({},url_params,params),qs=jq_param_sorted(qs),is_fragment&&(qs=qs.replace(re_no_escape,decode))),matches[1]+(is_fragment?fragment_prefix:qs||!matches[1]?"?":"")+qs+hash):get_func(void 0!==url?url:location.href);return merge_mode}function jq_deparam_sub(is_fragment,url_or_params,coerce){return url_or_params=void 0===url_or_params||"boolean"==typeof url_or_params?(coerce=url_or_params,jq_param[is_fragment?"fragment":"querystring"]()):is_string(url_or_params)?url_or_params.replace(is_fragment?re_params_fragment:re_params_querystring,""):url_or_params,jq_deparam(url_or_params,coerce)}function jq_fn_sub(mode,force_attr,params,merge_mode){return is_string(params)||"object"==typeof params||(merge_mode=params,params=force_attr,force_attr=void 0),this.each(function(){var that=$(this),attr=force_attr||jq_elemUrlAttr()[(this.nodeName||"").toLowerCase()]||"",url=attr&&that.attr(attr)||"";that.attr(attr,jq_param[mode](url,params,merge_mode))})}jq_param.querystring=curry(jq_param_sub,0,function(url){return url.replace(/(?:^[^?#]*\?([^#]*).*$)?.*/,"$1")}),jq_param.fragment=jq_param_fragment=curry(jq_param_sub,1,function(url){return url.replace(re_fragment,"$2")}),jq_param.sorted=jq_param_sorted=function(a,traditional){var arr=[],obj={};return $.each(jq_param(a,traditional).split("&"),function(i,v){var key=v.replace(/(?:%5B|=).*$/,""),key_obj=obj[key];key_obj||(key_obj=obj[key]=[],arr.push(key)),key_obj.push(v)}),$.map(arr.sort(),function(v){return obj[v]}).join("&")},jq_param_fragment.noEscape=function(chars){chars=$.map((chars=chars||"").split(""),encodeURIComponent);re_no_escape=new RegExp(chars.join("|"),"g")},jq_param_fragment.noEscape(",/"),jq_param_fragment.ajaxCrawlable=function(state){return void 0!==state&&(fragment_prefix=state?(re_params_fragment=/^.*(?:#!|#)/,re_fragment=/^([^#]*)(?:#!|#)?(.*)$/,"#!"):(re_params_fragment=/^.*#/,re_fragment=/^([^#]*)#?(.*)$/,"#"),ajax_crawlable=!!state),ajax_crawlable},jq_param_fragment.ajaxCrawlable(0),$.deparam=jq_deparam=function(params,coerce){var obj=Object.create(null),coerce_types={true:!0,false:!1,null:null};return $.each(params.replace(/\+/g," ").split("&"),function(j,v){var val,v=v.split("="),key=decode(v[0]),cur=obj,i=0,keys=key.split("]["),keys_last=keys.length-1,keys_last=/\[/.test(keys[0])&&/\]$/.test(keys[keys_last])?(keys[keys_last]=keys[keys_last].replace(/\]$/,""),(keys=keys.shift().split("[").concat(keys)).length-1):0;if(2===v.length)if(val=decode(v[1]),coerce&&(val=val&&!isNaN(val)?+val:"undefined"===val?void 0:void 0!==coerce_types[val]?coerce_types[val]:val),keys_last)for(;i<=keys_last;i++)cur=cur[key=""===keys[i]?cur.length:keys[i]]=i<keys_last?cur[key]||(keys[i+1]&&isNaN(keys[i+1])?Object.create(null):[]):val;else $.isArray(obj[key])?obj[key].push(val):void 0="=obj[key]?obj[key]=[obj[key],val]:obj[key]=val;else" key&&(obj[key="coerce?void" 0 )}),obj},jq_deparam.querystring="curry(jq_deparam_sub,0),jq_deparam.fragment=jq_deparam_fragment=curry(jq_deparam_sub,1),$.elemUrlAttr||($.elemUrlAttr=function(obj){return" $.extend(elemUrlAttr_cache,obj)})({a href ,base href ,iframe src ,img src ,input src ,form action ,link href ,script src }),jq_elemUrlAttr='$.elemUrlAttr,$.fn.querystring=curry(jq_fn_sub,"querystring"),$.fn.fragment=curry(jq_fn_sub,"fragment"),jq_bbq.pushState=jq_bbq_pushState=function(params,merge_mode){is_string(params)&&/^#/.test(params)&&void' 0="==merge_mode&&(merge_mode=2);var" has_args="void" 0="=params,params=jq_param_fragment(location.href,has_args?params:{},has_args?merge_mode:2);location.href=params},jq_bbq.getState=jq_bbq_getState=function(key,coerce){return" void 0='==key||"boolean"==typeof' key?jq_deparam_fragment(key):jq_deparam_fragment(coerce)[key]},jq_bbq.removeState="function(arr){var" state="{};void" 0="=arr&&(state=jq_bbq_getState(),$.each($.isArray(arr)?arr:arguments,function(i,v){delete" state[v]})),jq_bbq_pushState(state,2)},special.hashchange="$.extend(special.hashchange,{add:function(handleObj){var" old_handler;function new_handler(e){var hash="e.fragment=jq_param_fragment();e.getState=function(key,coerce){return" void 0='==key||"boolean"==typeof' key?jq_deparam(hash,key):jq_deparam(hash,coerce)[key]},old_handler.apply(this,arguments)}if($.isFunction(handleObj))return old_handler="handleObj,new_handler;old_handler=handleObj.handler,handleObj.handler=new_handler}})})(jQuery),(($,window)=">{var fake_onhashchange,timeout_id,last_hash,history_set,history_get,doc=document,special=$.event.special,doc=doc.documentMode,supports_onhashchange="onhashchange"in window&&(void 0===doc||7<doc);function get_fragment(url){return # +(url='url||location.href).replace(/^[^#]*#?(.*)$/,"$1")}function' fn_retval(val){return val}function poll(){var hash='get_fragment(),history_hash=history_get(last_hash);hash!==last_hash?(history_set(last_hash=hash,history_hash),$(window).trigger("hashchange")):history_hash!==last_hash&&(location.href=location.href.replace(/#.*/,"")+history_hash),timeout_id=setTimeout(poll,$.fn.hashchange.delay)}$.fn.hashchange=function(fn){return' fn?this.bind hashchange ,fn):this.trigger hashchange )},$.fn.hashchange.delay="50,special.hashchange=$.extend(special.hashchange,{setup:function(){if(supports_onhashchange)return!1;$(fake_onhashchange.start)},teardown:function(){if(supports_onhashchange)return!1;$(fake_onhashchange.stop)}}),doc={},last_hash=get_fragment(),history_get=history_set=fn_retval,doc.start=function(){timeout_id||poll()},doc.stop=function(){timeout_id&&clearTimeout(timeout_id),timeout_id=void" 0},fake_onhashchange="doc})(jQuery,this);">