Comments (4)
The only elements allowed inside a TR are TD or TH. Anything else is invalid markup.
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/tr#technical_summary
For a string that is valid markup, jQuery would have created valid DOM elements for it. So now it's a question of how invalid markup should be handled, which is often not very well defined. I don't know if this is covered in a spec.
At least for a recent Chrome, it appears that any invalid element that has content and appears in a TR is effectively converted to a TD even if you use DOM methods.
https://jsfiddle.net/rbzkt239/
Again in Chrome, non-content elements like SCRIPT and LINK don't create a TD. Since the DOM methods don't execute embedded scripts like jQuery, it's not quite the same.
https://jsfiddle.net/7sxwdmk0/
Is the script supposed to be executed in this case? If so, does the ajaxResponse injection assume you're using jQuery?
from jquery.
So now it's a question of how invalid markup should be handled
That's not for me to say, so I won't go into that.
All I notice, is that SCRIPT tag inside a TR does appear to work in both Firefox and Edge (didn't check any other browser).
Is the script supposed to be executed in this case?
Yes. It is a cookie being set by a "WebSeal" server that handles security matters (authentication, authorization).
If so, does the ajaxResponse injection assume you're using jQuery?
It does not (and can't as it is supposed to work with any text/html response (regardless of whether jQuery is used or not).
from jquery.
The only way it would work without jQuery is if the browser loaded the response as a complete web page.
With jQuery, injecting a script works: https://jsfiddle.net/c0r9y4vd/
Without jQuery, it does not: https://jsfiddle.net/7sxwdmk0/
You might want to check with the WebSeal group or documentation and see what their advice is for implementing AJAX requests. The mentions I could find seem to indicate this is very old tech, so if it's a problem I'm surprised it hasn't come up before: https://serverfault.com/questions/47148/reverse-proxies-and-ajax
I'll leave it to the team as to whether a scenario like this should be supported.
from jquery.
Thanks for opening an issue. We discussed in the meeting. This falls under when you give unexpected input, you'll get unexpected output. While it's admittedly strange that the TDs are lost, the script tag is invalid. Besides, we'd prefer not to build in special case logic for things like this because it would never end.
However, if you know the response might be weird, the script could instead be appended separately with .append(...ajaxResponse.match(/^<script.*?<\/script>|.+/gis))
.
from jquery.
Related Issues (20)
- v4 beta : mottie/tablesorter plugin fails with sort() and trim() missing HOT 1
- Jquery-UI getting Error With jQuery jQuery 4.0.0 BETA! HOT 4
- jQuery.get() 4.0 backward compatibility issue HOT 3
- Permissions policy violation due to unload event HOT 1
- Avoiding JQuery version disclosure on Angular's Script.JS HOT 1
- Scripts in dynamically set html always asynchronously loaded HOT 3
- jQuery 3.7.1 is still making wrong calculation of dimensions in Firefox. HOT 1
- Memory Leak: OriginAnchor HOT 6
- Memory Leak: boxSizingReliable HOT 4
- Triggering after an `alert()` in an event handler results in a JS error HOT 3
- The strange behavior generated by the append method HOT 1
- Avoid counting scroll twice in offset HOT 2
- jQuery Migrate 3.4.0 - elem.focus() is not working HOT 3
- Issue or behaviour??? - 2.2.3 to 3.6.0 - active element changed on focus. HOT 2
- Issue using JQuery 3.7.1 and CSP HOT 2
- Jquery Vite installation doesnt work. HOT 1
- Fix CSS test issues in Firefox coming from CSS zoom support HOT 4
- Upgrade issues for jquery HOT 3
- Documentation for jQuery.contains() HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jquery.