Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Sortable: prevent inline javascript contained in <script> tags to be executed on First item drop. Fixed #6951 - Inline script executing on FIRST drop. #572

Closed
wants to merge 2 commits into from

5 participants

@fadomire

Sortable: prevent inline javascript contained in

fadomire added some commits
@fadomire fadomire Sortable: prevent inline javascript contained in <script> tags to be …
…executed on First item drop. Fixed #6951 - Inline script executing on FIRST drop.
f690657
@fadomire fadomire Sortable: prevent inline javascript contained in <script> tags to be …
…executed on First item drop. Fixed #6951 - Inline script executing on FIRST drop.
daf1ac6
@fadomire

I commited a second time because first fix was just using Jquery object instead of pure Javascript object, which was at the end making the fix useless

@jstrimpel

I encountered this problem as well thanks to people blurring the back-end and front-end duties {end rant}. A workaround is...

start: function(event, ui) { ui.item.find('script').remove(); }

@mikesherov
Collaborator

I recommend closing this pull request as this will be fixed in jQuery core here: http://bugs.jquery.com/ticket/11795

@0flav

Hello!
Now it's fixed in jQuery core, but the problem persist...
Are you going to open this ticket again?
Bye.

@mikesherov
Collaborator

@0flav please submit a bug report proving it still exists at bugs.jqueryui.com

@0flav

I mean they really fix it, but not as you are waiting for.
They just prefer to keep first execution.
So they fix their ticket, but they simply don't choice the way allowing to automatically fix yours.
Damage : /

At the end of the jquery ticket it's written :
Resolution set to fixed, keep scripts in DOM; execute only on first insertion.

Maybe i don't understand clearly the problem cause i don't understand english very well...
Is it works for you?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jan 13, 2012
  1. @fadomire

    Sortable: prevent inline javascript contained in <script> tags to be …

    fadomire authored
    …executed on First item drop. Fixed #6951 - Inline script executing on FIRST drop.
Commits on Jan 18, 2012
  1. @fadomire

    Sortable: prevent inline javascript contained in <script> tags to be …

    fadomire authored
    …executed on First item drop. Fixed #6951 - Inline script executing on FIRST drop.
This page is out of date. Refresh to see the latest.
Showing with 5 additions and 1 deletion.
  1. +5 −1 ui/jquery.ui.sortable.js
View
6 ui/jquery.ui.sortable.js
@@ -983,7 +983,11 @@ $.widget("ui.sortable", $.ui.mouse, {
// We first have to update the dom position of the actual currentItem
// Note: don't do it if the current item is already removed (by a user), or it gets reappended (see #4088)
- if(!this._noFinalSort && this.currentItem.parent().length) this.placeholder.before(this.currentItem);
+ if(!this._noFinalSort && this.currentItem.parent().length)
+
+ // We use javascript instead of jquery to insert item, because jquery before() first execute the script and then remove the <script> tag, and for sorting we dont need the js to be evaluated (see #6951)
+ this.placeholder[0].parentNode.insertBefore(this.currentItem[0], this.placeholder[0]);
+
this._noFinalSort = null;
if(this.helper[0] == this.currentItem[0]) {
Something went wrong with that request. Please try again.