Skip to content
Permalink
Browse files

Restore rhtmlString to its original form. 1.9 will come with starts-w…

…ith html matching. For now, we are warning against broad use of jQuery() to parse html.
  • Loading branch information...
timmywil committed Jun 20, 2012
1 parent c20e031 commit 6cdca88eee674e48f9bf0e41fca18f75f32426b7
Showing with 6 additions and 7 deletions.
  1. +1 −2 src/core.js
  2. +5 −5 test/unit/core.js
@@ -41,8 +41,7 @@ var

// A simple way to check for HTML strings
// Prioritize #id over <tag> to avoid XSS via location.hash (#9521)
// Ignore html if within quotes "" '' or brackets/parens [] ()
rhtmlString = /^(?:[^#<\\]*(<[\w\W]+>)(?![^\[]*\])(?![^\(]*\))(?![^']*')(?![^"]*")[^>]*$)/,
rhtmlString = /^(?:[^#<]*(<[\w\W]+>)[^>]*$)/,

// Match a standalone tag
rsingleTag = /^<(\w+)\s*\/?>(?:<\/\1>)?$/,
@@ -605,7 +605,7 @@ test("isWindow", function() {
});

test("jQuery('html')", function() {
expect( 22 );
expect( 18 );

QUnit.reset();
jQuery.foo = false;
@@ -638,10 +638,10 @@ test("jQuery('html')", function() {
ok( jQuery("<div></div>")[0], "Create a div with closing tag." );
ok( jQuery("<table></table>")[0], "Create a table with closing tag." );

equal( jQuery("element[attribute='<div></div>']").length, 0, "When html is within brackets, do not recognize as html." );
equal( jQuery("element[attribute=<div></div>]").length, 0, "When html is within brackets, do not recognize as html." );
equal( jQuery("element:not(<div></div>)").length, 0, "When html is within parens, do not recognize as html." );
equal( jQuery("\\<div\\>").length, 0, "Ignore escaped html characters" );
// equal( jQuery("element[attribute='<div></div>']").length, 0, "When html is within brackets, do not recognize as html." );
// equal( jQuery("element[attribute=<div></div>]").length, 0, "When html is within brackets, do not recognize as html." );
// equal( jQuery("element:not(<div></div>)").length, 0, "When html is within parens, do not recognize as html." );
// equal( jQuery("\\<div\\>").length, 0, "Ignore escaped html characters" );

// Test very large html string #7990
var i;

0 comments on commit 6cdca88

Please sign in to comment.
You can’t perform that action at this time.