wicket git commit: WICKET-6085 eval in global scope, to prevent leak of local variables into the evaluated script

Fri, 05 Feb 2016 15:22:52 -0800 

Repository: wicket
Updated Branches:
  refs/heads/master 3c4f10258 -> 94f8fd3c6


WICKET-6085 eval in global scope, to prevent leak of local variables into the 
evaluated script


Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/94f8fd3c
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/94f8fd3c
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/94f8fd3c

Branch: refs/heads/master
Commit: 94f8fd3c66909694db043b33443a2f21b21fa784
Parents: 3c4f102
Author: Sven Meier <[email protected]>
Authored: Sat Feb 6 00:18:15 2016 +0100
Committer: Sven Meier <[email protected]>
Committed: Sat Feb 6 00:20:18 2016 +0100

----------------------------------------------------------------------
 .../org/apache/wicket/ajax/res/js/wicket-ajax-jquery.js  | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/wicket/blob/94f8fd3c/wicket-core/src/main/java/org/apache/wicket/ajax/res/js/wicket-ajax-jquery.js
----------------------------------------------------------------------
diff --git 
a/wicket-core/src/main/java/org/apache/wicket/ajax/res/js/wicket-ajax-jquery.js 
b/wicket-core/src/main/java/org/apache/wicket/ajax/res/js/wicket-ajax-jquery.js
index 9db558a..0f8a67f 100644
--- 
a/wicket-core/src/main/java/org/apache/wicket/ajax/res/js/wicket-ajax-jquery.js
+++ 
b/wicket-core/src/main/java/org/apache/wicket/ajax/res/js/wicket-ajax-jquery.js
@@ -1186,8 +1186,8 @@
                                        var toExecute = "f = function(" + 
parameters + ") {" + body + "};";
 
                                        try {
-                                               // do the evaluation
-                                               eval(toExecute);
+                                               // do the evaluation in global 
scope
+                                               window.eval(toExecute);
                                                f(notify);
                                        } catch (exception) {
                                                
log.error("Wicket.Ajax.Call.processEvaluation: Exception evaluating javascript: 
" + exception + ", text: " + text);
@@ -1200,8 +1200,8 @@
                                return function(notify) {
                                        // just evaluate the javascript
                                        try {
-                                               // do the evaluation
-                                               eval(script);
+                                               // do the evaluation in global 
scope
+                                               window.eval(script);
                                        } catch (exception) {
                                                
log.error("Wicket.Ajax.Call.processEvaluation: Exception evaluating javascript: 
" + exception + ", text: " + text);
                                        }
@@ -2265,7 +2265,8 @@
                                                                
Wicket.Head.addJavascript(text, id, "", type);
                                                        } else {
                                                                try {
-                                                                       
eval(text);
+                                                                       // do 
the evaluation in global scope
+                                                                       
window.eval(text);
                                                                } catch (e) {
                                                                        
Wicket.Log.error("Wicket.Head.Contributor.processScript: " + e + ": eval -> " + 
text);
                                                                }

Reply via email to