Ticket #2528646 (closed defect)
Reporter Michal Hantl |
Opened: 02/22/10 Last modified: 09/7/10 Status: closed Type: defect Resolution: fixed |
Owner  Thomas S. Sha |
Target Release: 3.2.0 Priority: P3 (normal) |
|---|---|---|---|
| Summary: | Scrambled responseText in IO with { upload: true } | ||
| Description: | The difference: Without { upload:true}, the JSON produced by the server is parsable. {"form":" <form method="post" enctype="multipart/form-data" >n ... With { upload:true }, the response gets scrambled and JSON produced by the server is *not parsable*. {"form":" <form method=""post"" enctype=""multipart/form-data"">n ... |
||
| Type: | defect | Observed in Version: | 3.0.0 |
| Component: | IO | Severity: | S2 (high) |
| Assigned To: | Thomas S. Sha | Target Release: | 3.2.0 |
| Location: | Library Code | Priority: | P3 (normal) |
| Tags: | upload | Relates To: | |
| Browsers: | Firefox 3.x - PC,Safari 4.x - PC | ||
| URL: | |||
| Test Information: | |||
Change History
|
Posted: 02/22/10
|
|
Posted: 02/22/10
Hello. Not sure how to fix it though. |
|
Posted: 05/11/10
Build 2115. Changed response retrieval from innerHTML to normalised "text" property in Node, to prevent the injection of HTML entities when an arbitrary string or JSON contains HTML entities. |
|
Posted: 06/30/10
|
|
Posted: 06/30/10
|
|
Posted: 09/7/10
|
George
|
Posted: 09/7/10
|
The file upload transport is an iframe, so the server response -- either text/plain or text/html -- is written into the iframe's document body. If HTML entities are used, they are parsed into the document. Instead, make sure the response is encoded, so the browser does not render the string, especially HTML fragments. For example:
The rawUrlEncode output from PHP results in the following string, based on your code fragment: %7B%22form%22%3A%3Cform%20method=%22post%22%20enctype=%22multipart/form-data%22%3E.
This string is then converted using decodeURIComponent. Subsequently, applying JSON parse will convert it back into JSON.
Regards,
Thomas