jQuery 3.5.0 منتشر شد
نویسنده: وحید نصیری
تاریخ: ۱۳۹۹/۰۱/۲۳ ۱۰:۴۵
آدرس: www.dntips.ir
| مطالب | ۳۶۹۴ |
| نویسندگان | ۲۷۶ |
| گروههای مطالب | ۱۰۲۴ |
| نقشههای راه | ۱۱۹ |
| دورهها | ۱۴ |
| اشتراکها | ۱۷۹۱۴ |
The main change in this release is a security fix, and it’s possible you
will need to change your own code to adapt. Here’s why: jQuery used a
regex in its jQuery.htmlPrefilter
method to ensure that all closing tags were XHTML-compliant when passed
to methods. For example, this prefilter ensured that a call like jQuery("<div class='hot' />") is actually converted to jQuery("<div class='hot'></div>"). Recently, an issue was reported that demonstrated the regex could introduce a cross-site scripting (XSS) vulnerability.