diff --git a/.gitmodules b/.gitmodules index 19c60418e3..2c37e3ae62 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,6 @@ [submodule "src/sizzle"] path = src/sizzle - url = git://github.com/jquery/sizzle.git + url = https://github.com/jquery/sizzle.git [submodule "test/qunit"] path = test/qunit - url = git://github.com/jquery/qunit.git + url = https://github.com/qunitjs/qunit.git diff --git a/build/jslint-check.js b/build/jslint-check.js index 72d6701876..567f99a952 100644 --- a/build/jslint-check.js +++ b/build/jslint-check.js @@ -1,5 +1,5 @@ var JSLINT = require("./lib/jslint").JSLINT, - print = require("sys").print, + print = console.log, src = require("fs").readFileSync("dist/jquery.js", "utf8"); JSLINT(src, { evil: true, forin: true, maxerr: 100 }); @@ -21,7 +21,7 @@ var e = JSLINT.errors, found = 0, w; for ( var i = 0; i < e.length; i++ ) { w = e[i]; - if ( !ok[ w.reason ] ) { + if ( w && !ok[ w.reason ] ) { found++; print( "\n" + w.evidence + "\n" ); print( " Problem at line " + w.line + " character " + w.character + ": " + w.reason ); diff --git a/build/post-compile.js b/build/post-compile.js index 98b8b849fa..aca870c336 100644 --- a/build/post-compile.js +++ b/build/post-compile.js @@ -1,6 +1,6 @@ #!/usr/bin/env node -var print = require( "sys" ).print, +var print = console.log, fs = require( "fs" ), src = fs.readFileSync( process.argv[2], "utf8" ), version = fs.readFileSync( "version.txt", "utf8" ), diff --git a/component.json b/component.json index a3525b8844..29d893ac65 100755 --- a/component.json +++ b/component.json @@ -1,6 +1,6 @@ { "name" : "jquery", - "version" : "1.6.4", + "version" : "1.6.5-sec", "main" : "./jquery.js", "dependencies": { } diff --git a/jquery.js b/jquery.js old mode 100755 new mode 100644 index 719e1d4ec1..d0e5bfb246 --- a/jquery.js +++ b/jquery.js @@ -1,5 +1,5 @@ /*! - * jQuery JavaScript Library v1.6.4 + * jQuery JavaScript Library v1.6.5-sec * http://jquery.com/ * * Copyright 2011, John Resig @@ -11,7 +11,7 @@ * Copyright 2011, The Dojo Foundation * Released under the MIT, BSD, and GPL Licenses. * - * Date: Mon Sep 12 18:54:48 2011 -0400 + * Date: Fri Dec 15 14:14:35 2023 -0600 */ (function( window, undefined ) { @@ -38,7 +38,8 @@ var jQuery = function( selector, context ) { // A simple way to check for HTML strings or ID strings // Prioritize #id over to avoid XSS via location.hash (#9521) - quickExpr = /^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/, + // Strict HTML recognition (#11290: must start with <) + quickExpr = /^(?:(<[\w\W]+>)[^>]*|#([\w-]*))$/, // Check if a string has a non-whitespace character in it rnotwhite = /\S/, @@ -213,7 +214,7 @@ jQuery.fn = jQuery.prototype = { selector: "", // The current version of jQuery being used - jquery: "1.6.4", + jquery: "1.6.5-sec", // The default length of a jQuery object is 0 length: 0, @@ -357,8 +358,9 @@ jQuery.extend = jQuery.fn.extend = function() { src = target[ name ]; copy = options[ name ]; + // Prevent Object.prototype pollution // Prevent never-ending loop - if ( target === copy ) { + if ( name === "__proto__" || target === copy ) { continue; } @@ -1401,6 +1403,12 @@ jQuery.support = (function() { } } + // Support: IE <=9 only + // IE <=9 replaces "; + support.option = !!div.lastChild; + // Null connected elements to avoid leaks in IE testElement = fragment = select = opt = body = marginDiv = div = input = null; @@ -5529,7 +5537,6 @@ function winnow( elements, qualifier, keep ) { var rinlinejQuery = / jQuery\d+="(?:\d+|null)"/g, rleadingWhitespace = /^\s+/, - rxhtmlTag = /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/ig, rtagName = /<([\w:]+)/, rtbody = /", "" ], legend: [ 1, "
", "
" ], thead: [ 1, "", "
" ], tr: [ 2, "", "
" ], @@ -5549,10 +5555,14 @@ var rinlinejQuery = / jQuery\d+="(?:\d+|null)"/g, _default: [ 0, "", "" ] }; -wrapMap.optgroup = wrapMap.option; wrapMap.tbody = wrapMap.tfoot = wrapMap.colgroup = wrapMap.caption = wrapMap.thead; wrapMap.th = wrapMap.td; +// Support: IE <=9 only +if ( !jQuery.support.option ) { + wrapMap.optgroup = wrapMap.option = [ 1, "" ]; +} + // IE can't serialize and