rpms
/
js-jquery
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to jQuery 3.2.1

Browse Source
epel9
Christopher Tubbs 8 years ago
parent 18b7d13fc6
commit 034fe58098
6 changed files with 86 additions and 112 deletions
Show Stats Download Patch File Download Diff File

1
.gitignore vendored
Unescape View File

@ -1,3 +1,4 @@
/js-jquery-4dec426aa2a6cbabb1b064319ba7c272d594a688.tar.gz /js-jquery-4dec426aa2a6cbabb1b064319ba7c272d594a688.tar.gz
/js-jquery-8f2a9d9272d6ed7f32d3a484740ab342c02541e0.tar.gz /js-jquery-8f2a9d9272d6ed7f32d3a484740ab342c02541e0.tar.gz
/jquery-2.2.4.tar.gz /jquery-2.2.4.tar.gz
/jquery-3.2.1.tar.gz

60
disable-insight-tracking.patch
Unescape View File

@ -0,0 +1,60 @@
diff --git a/build/tasks/build.js b/build/tasks/build.js
index 69916bf..58e65ad 100644
--- a/build/tasks/build.js
+++ b/build/tasks/build.js
@@ -10,7 +10,6 @@ module.exports = function( grunt ) {
var fs = require( "fs" ),
requirejs = require( "requirejs" ),
- Insight = require( "insight" ),
pkg = require( "../../package.json" ),
srcFolder = __dirname + "/../../src/",
rdefineEnd = /\}\s*?\);[^}\w]*$/,
@@ -337,46 +336,16 @@ module.exports = function( grunt ) {
grunt.registerTask( "custom", function() {
var args = this.args,
modules = args.length ? args[ 0 ].replace( /,/g, ":" ) : "",
- done = this.async(),
- insight = new Insight( {
- trackingCode: "UA-1076265-4",
- pkg: pkg
- } );
+ done = this.async();
function exec( trackingAllowed ) {
- var tracks = args.length ? args[ 0 ].split( "," ) : [];
var defaultPath = [ "build", "custom" ];
- tracks = tracks.map( function( track ) {
- return track.replace( /\//g, "+" );
- } );
-
- if ( trackingAllowed ) {
-
- // Track individuals
- tracks.forEach( function( module ) {
- var path = defaultPath.concat( [ "individual" ], module );
-
- insight.track.apply( insight, path );
- } );
-
- // Track full command
- insight.track.apply( insight, defaultPath.concat( [ "full" ], tracks ) );
- }
-
grunt.task.run( [ "build:*:*" + ( modules ? ":" + modules : "" ), "uglify", "dist" ] );
done();
}
grunt.log.writeln( "Creating custom build...\n" );
- // Ask for permission the first time
- if ( insight.optOut === undefined ) {
- insight.askPermission( null, function( error, result ) {
- exec( result );
- } );
- } else {
- exec( !insight.optOut );
- }
} );
};

15
js-jquery-disable-gzip-js.patch
Unescape View File

@ -1,11 +1,14 @@
diff --git a/Gruntfile.js b/Gruntfile.js diff --git a/Gruntfile.js b/Gruntfile.js
index 12ae008..5d541f2 100644
--- a/Gruntfile.js --- a/Gruntfile.js
+++ b/Gruntfile.js +++ b/Gruntfile.js
@@ -13,7 +13,6 @@ module.exports = function( grunt ) { @@ -12,8 +12,7 @@ module.exports = function( grunt ) {
return data;
}
var fs = require( "fs" ), - var fs = require( "fs" ),
stripJSONComments = require( "strip-json-comments" ), - gzip = require( "gzip-js" );
- gzip = require( "gzip-js" ), + var fs = require( "fs" );
srcHintOptions = readOptionalJSON( "src/.jshintrc" ),
newNode = !/^v0/.test( process.version ),
if ( !grunt.option( "filename" ) ) {
grunt.option( "filename", "jquery.js" );

29
js-jquery.spec
Unescape View File

@ -1,6 +1,6 @@
Name: js-jquery Name: js-jquery
Version: 2.2.4 Version: 3.2.1
Release: 3%{?dist} Release: 1%{?dist}
Summary: JavaScript DOM manipulation, event handling, and AJAX library Summary: JavaScript DOM manipulation, event handling, and AJAX library
BuildArch: noarch BuildArch: noarch
@ -8,14 +8,15 @@ BuildArch: noarch
%global ver_y %(echo %{version} | cut -d. -f2) %global ver_y %(echo %{version} | cut -d. -f2)
%global ver_z %(echo %{version} | cut -d. -f3) %global ver_z %(echo %{version} | cut -d. -f3)
License: MIT License: MIT
URL: https://jquery.com/ URL: https://jquery.com/
Source0: https://github.com/jquery/jquery/archive/%{version}/jquery-%{version}.tar.gz Source0: https://github.com/jquery/jquery/archive/%{version}/jquery-%{version}.tar.gz
# disable gzip-js during build # disable gzip-js during build
Patch1: %{name}-disable-gzip-js.patch Patch1: %{name}-disable-gzip-js.patch
# backport of XSS bug fix from upstream; upstream fixed in 3.0.0 and newer
Patch2: xss-fix-b078a62.patch # disable missing insight module
Patch2: disable-insight-tracking.patch
BuildRequires: web-assets-devel BuildRequires: web-assets-devel
BuildRequires: nodejs-packaging BuildRequires: nodejs-packaging
@ -23,8 +24,8 @@ BuildRequires: js-sizzle-static
Provides: jquery = %{version}-%{release} Provides: jquery = %{version}-%{release}
Provides: %{name}-static = %{version}-%{release} Provides: %{name}-static = %{version}-%{release}
Provides: %{name}2 = %{version}-%{release} Provides: %{name}%{ver_x} = %{version}-%{release}
Provides: %{name}2-static = %{version}-%{release} Provides: %{name}%{ver_x}-static = %{version}-%{release}
BuildRequires: nodejs-grunt >= 0.4.4-3 BuildRequires: nodejs-grunt >= 0.4.4-3
BuildRequires: npm(shelljs) BuildRequires: npm(shelljs)
@ -39,16 +40,13 @@ Requires: web-assets-filesystem
%description %description
jQuery is a fast, small, and feature-rich JavaScript library. It makes things jQuery is a fast, small, and feature-rich JavaScript library. It makes things
like HTML document traversal and manipulation, event handling, animation, and like HTML document traversal and manipulation, event handling, animation, and
Ajax much simpler with an easy-to-use API that works across a multitude of Ajax much simpler with an easy-to-use API that works across a multitude of
browsers. With a combination of versatility and extensibility, jQuery has browsers. With a combination of versatility and extensibility, jQuery has
changed the way that millions of people write JavaScript. changed the way that millions of people write JavaScript.
%prep %prep
# autosetup doesn't work right on epel7 branch %autosetup -p1 -n jquery-%{version}
%setup -qn jquery-%{version}
%patch1 -p1
%patch2 -p1
#remove precompiled stuff #remove precompiled stuff
rm -rf dist/* src/sizzle rm -rf dist/* src/sizzle
@ -88,6 +86,9 @@ ln -s %{version} %{installdir}/%{ver_x}.%{ver_y}
%changelog %changelog
* Wed Apr 12 2017 Christopher Tubbs <ctubbsii@fedoraproject.org> - 3.2.1-1
- Update to jQuery 3.2.1
* Tue Apr 11 2017 Christopher Tubbs <ctubbsii@fedoraproject.org> - 2.2.4-3 * Tue Apr 11 2017 Christopher Tubbs <ctubbsii@fedoraproject.org> - 2.2.4-3
- Update provides in prep for js-jquery package rename to js-jquery2 - Update provides in prep for js-jquery package rename to js-jquery2

2
sources
Unescape View File

@ -1 +1 @@
SHA512 (jquery-2.2.4.tar.gz) = bd1176286451adeaa8c18eb98e01e8b91e45157f7263907772d637a2c15b8ac27b780be14983c4abcff5def668323beab9a6889d8da4beb6c2c06fae1f5bed1d SHA512 (jquery-3.2.1.tar.gz) = c237b4de4e7d31cde8f8de2493ae92f7db1d504b83f24808738066bdaa7c906f3b6f819eeff1bb90881cbbccd1d32fbc06f63e847c13548adc92671d796bf336

91
xss-fix-b078a62.patch
Unescape View File

@ -1,91 +0,0 @@
From b078a62013782c7424a4a61a240c23c4c0b42614 Mon Sep 17 00:00:00 2001
From: Oleg Gaidarenko <markelog@gmail.com>
Date: Thu, 10 Sep 2015 13:40:00 +0300
Subject: [PATCH] Ajax: Mitigate possible XSS vulnerability
Proposed by @jaubourg
Fixes gh-2432
Closes gh-2588
---
src/ajax/script.js | 7 +++++++
test/unit/ajax.js | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 55 insertions(+), 0 deletion(-)
diff --git a/src/ajax/script.js b/src/ajax/script.js
index 60b1fb6..0ec27b4 100644
--- a/src/ajax/script.js
+++ b/src/ajax/script.js
@@ -4,6 +4,13 @@ define( [
"../ajax"
], function( jQuery, document ) {
+// Prevent auto-execution of scripts when no explicit dataType was provided (See gh-2432)
+jQuery.ajaxPrefilter( function( s ) {
+ if ( s.crossDomain ) {
+ s.contents.script = false;
+ }
+} );
+
// Install script dataType
jQuery.ajaxSetup( {
accepts: {
diff --git a/test/unit/ajax.js b/test/unit/ajax.js
index 14fe0be..6479587 100644
--- a/test/unit/ajax.js
+++ b/test/unit/ajax.js
@@ -71,6 +71,54 @@ QUnit.module( "ajax", {
};
} );
+ ajaxTest( "jQuery.ajax() - do not execute js (crossOrigin)", 2, function( assert ) {
+ return {
+ create: function( options ) {
+ options.crossDomain = true;
+ return jQuery.ajax( url( "data/script.php?header=ecma" ), options );
+ },
+ success: function() {
+ assert.ok( true, "success" );
+ },
+ complete: function() {
+ assert.ok( true, "complete" );
+ }
+ };
+ } );
+
+ ajaxTest( "jQuery.ajax() - execute js for crossOrigin when dataType option is provided", 3,
+ function( assert ) {
+ return {
+ create: function( options ) {
+ options.crossDomain = true;
+ options.dataType = "script";
+ return jQuery.ajax( url( "data/script.php?header=ecma" ), options );
+ },
+ success: function() {
+ assert.ok( true, "success" );
+ },
+ complete: function() {
+ assert.ok( true, "complete" );
+ }
+ };
+ }
+ );
+
+ ajaxTest( "jQuery.ajax() - do not execute js (crossOrigin)", 2, function( assert ) {
+ return {
+ create: function( options ) {
+ options.crossDomain = true;
+ return jQuery.ajax( url( "data/script.php" ), options );
+ },
+ success: function() {
+ assert.ok( true, "success" );
+ },
+ complete: function() {
+ assert.ok( true, "complete" );
+ }
+ };
+ } );
+
ajaxTest( "jQuery.ajax() - success callbacks (late binding)", 8, function( assert ) {
return {
setup: addGlobalEvents( "ajaxStart ajaxStop ajaxSend ajaxComplete ajaxSuccess", assert ),
Write Preview
Loading…
Cancel
Save