-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
…son' The default behaviour breaks a wide variety of custom interpolation markers. Even if the JSON text regexps were strengthened to closer match the standard JSON format, it would still limit the possibilities of different custom interpolation markers. Instead, $http will no longer parse JSON if the response Content-Type header does not include the term 'json', or if the $templateCache is used. For inline templates, use the `content-type="json"` attribute to ensure that inline JSON templates are parsed. BREAKING CHANGE: Previously, responses would be parsed as JSON if their content looked vaguely like JSON. Now, they are only parsed as JSON if their Content-Type response header contains the term 'json', and if they are not coming from the $templateCache. Closes angular#5756 Closes angular#2973
- Loading branch information
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -91,11 +91,13 @@ function $HttpProvider() { | |
|
||
var defaults = this.defaults = { | ||
// transform incoming response data | ||
transformResponse: [function(data) { | ||
transformResponse: [function(data, headers) { | ||
if (isString(data)) { | ||
// strip json vulnerability protection prefix | ||
var contentType = isFunction(headers) && headers('Content-Type'); | ||
data = data.replace(PROTECTION_PREFIX, ''); | ||
if (JSON_START.test(data) && JSON_END.test(data)) | ||
if (JSON_START.test(data) && JSON_END.test(data) && | ||
(contentType && contentType.indexOf('json') >= 0)) | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
caitp
Author
Owner
|
||
data = fromJson(data); | ||
} | ||
return data; | ||
|
@caitp was just looking into number of issues related to this second-guessing of JSON response format and from what I could see people are mostly after having values like
"foo"
,1
ornull
to be parsed as JSON. I'm probably missing tons of things, but couldn't we improve the current situation by turning this condition into:While not ideal it would probably address all the issues reported so far. I've crafted a simple commit based on this idea here: pkozlowski-opensource@5b1e5d7 and the CI build is green with this change. But yeh, I'm probably missing things here and there is still a potential for a breaking change here...