This repository has been archived by the owner on Apr 12, 2024. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix($sanitize): don't rely on YARR regex engine executing immediately
In Safari 7 (and other browsers potentially using the latest YARR JIT library) regular expressions are not always executed immediately that they are called. The regex is only evaluated (lazily) when you first access properties on the `matches` result object returned from the regex call. In the case of `decodeEntities()`, we were updating this returned object, `parts[0] = ''`, before accessing it, `if (parts[2])', and so our change was overwritten by the result of executing the regex. The solution here is not to modify the match result object at all. We only need to make use of the three match results directly in code. Developers should be aware, in the future, when using regex, to read from the result object before making modifications to it. There is no additional test committed here, because when run against Safari 7, this bug caused numerous specs to fail, which are all fixed by this commit. Closes #5193 Closes #5192
- Loading branch information
1 parent
fd4b999
commit 81b8185
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -360,25 +360,27 @@ function htmlParser( html, handler ) { | |
| } | ||
| } | ||
|
|
||
| var hiddenPre=document.createElement("pre"); | ||
| var spaceRe = /^(\s*)([\s\S]*?)(\s*)$/; | ||
| /** | ||
| * decodes all entities into regular string | ||
| * @param value | ||
| * @returns {string} A string with decoded entities. | ||
| */ | ||
| function decodeEntities(value) { | ||
| if (!value) { return ''; } | ||
|
|
||
| // Note: IE8 does not preserve spaces at the start/end of innerHTML | ||
| // so we must capture them and reattach them afterward | ||
| var parts = spaceRe.exec(value); | ||
| var spaceBefore = parts[1]; | ||
| var spaceAfter = parts[3]; | ||
| var content = parts[2]; | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong. 
mbj
|
||
| if (content) { | ||
| hiddenPre.innerHTML=content.replace(/</g,"<"); | ||
| content = hiddenPre.innerText || hiddenPre.textContent; | ||
| } | ||
| return spaceBefore + content + spaceAfter; | ||
| } | ||
|
|
||
| /** | ||
|
|
||
hmm, this seems like a significantly more complicated solution. Is that necessarily a good thing?