averello/jquery-validation-mirror
1
0
Fork 0
mirror of https://github.com/jquery-validation/jquery-validation.git synced 2025-12-14 20:35:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Core: Escape single quotes in names avoiding a Sizzle Error being thrown

Browse Source 
When a name or ID contains single quotes, a Sizzle error will be thrown,
so to avoid that, we have to escape all single quotes in that name or ID
before using it.
This commit is contained in:
Brahim Arkni
2015-10-09 15:59:46 +01:00
parent d845a33c6e
commit 10f4357f5e
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/core.js
View File

@@ -803,7 +803,7 @@ $.extend( $.validator, {
if ( error.is( "label" ) ) {
// If the error is a label, then associate using 'for'
error.attr( "for", elementID );
} else if ( error.parents( "label[for='" + elementID + "']" ).length === 0 ) {
} else if ( error.parents( "label[for='" + elementID.replace( /'/g, "\\'" ) + "']" ).length === 0 ) {
// If the element is not a child of an associated label, then it's necessary
// to explicitly apply aria-describedby
@@ -822,7 +822,7 @@ $.extend( $.validator, {
if ( group ) {
$.each( this.groups, function( name, testgroup ) {
if ( testgroup === group ) {
$( "[name='" + name + "']", this.currentForm )
$( "[name='" + name.replace( /'/g, "\\'" ) + "']", this.currentForm )
.attr( "aria-describedby", error.attr( "id" ) );
}
} );
@@ -841,14 +841,17 @@ $.extend( $.validator, {
},
errorsFor: function( element ) {
var name = this.idOrName( element ),
var name = this.idOrName( element ).replace( /'/g, "\\'" ),
describer = $( element ).attr( "aria-describedby" ),
selector = "label[for='" + name + "'], label[for='" + name + "'] *";
// aria-describedby should directly reference the error element
if ( describer ) {
selector = selector + ", #" + describer.replace( /\s+/g, ", #" );
selector = selector + ", #" + describer
.replace( /'/g, "\\'" )
.replace( /\s+/g, ", #" );
}
return this
.errors()
.filter( selector );
@@ -874,7 +877,7 @@ $.extend( $.validator, {
},
findByName: function( name ) {
return $( this.currentForm ).find( "[name='" + name + "']" );
return $( this.currentForm ).find( "[name='" + name.replace( /'/g, "\\'" ) + "']" );
},
getLength: function( value, element ) {