An invalid or illegal string was specified
-
The forums has been broken for two days now. I'm forced to use Chrome. Fucking Chrome.
nodebb.min.js, unminified, function ce at 934 (see code snippet below)
Offending line is
e.querySelectorAll('*,:x');
Stackoverflow says, by spec, escape that colon. https://stackoverflow.com/questions/45110893/select-elements-by-attributes-with-colon
Running that line in console gives "An invalid or illegal string was specified"
Running it as
e.querySelectorAll('*,\\3A x');
works fine.Straight from the brain-dead dinosaur's mouth: https://developer.mozilla.org/en-US/docs/Web/API/Document/querySelector
To match ID or selectors that do not follow the CSS syntax (by using a colon or space inappropriately for example), you must escape the character with a back slash. As the backslash is an escape character in JavaScript, if you are entering a literal string, you must escape it twice (once for the JavaScript string, and another time for querySelector):
plzfixkthnx
ce(function (e) { e.innerHTML = '<a href='' disabled='disabled'></a>' + '<select disabled='disabled'><option/></select>'; var t = p.createElement('input'); t.setAttribute('type', 'hidden'); e.appendChild(t) .setAttribute('name', 'D'); if (e.querySelectorAll('[name=d]') .length) { g.push('name' + R + '*[*^$|!~]?=') } if (e.querySelectorAll(':enabled') .length !== 2) { g.push(':enabled', ':disabled') } h.appendChild(e) .disabled = true; if (e.querySelectorAll(':disabled') .length !== 2) { g.push(':enabled', ':disabled') } e.querySelectorAll('*,:x'); g.push(',.*:') })
-
Oh fuck, an illegal string? I hope someone doesn't call the cops!
-
@doctorjones It's an undocumented string
-
@doctorjones
So you wear illegal underwear?
-
Also
t.includes is not a function
addNoReferrer: function (e) { e.find('a') .attr('rel', function (e, t) { t = t ? t.split(' ') : [ ]; [ 'noopener', 'noreferrer' ].forEach(function (e) { if (!t.includes(e)) { t.push(e) } }); return t.join(' ') }) },
-
@luhmann that's just a roundabout way of asking "what underwear are you wearing?" isn't it? Prevert!
-
@hungrier said in An invalid or illegal string was specified:
@doctorjones It's an undocumented string
undocumented is fine. If we got rid of all undocumented strings, the entire Open Source community would collapse. Cheap and plentiful software is built on the back of undocumented strings.
But if those strings perform an illegal operation, they must be shut down.
-
@lorne-kates we should build a wall to keep all the illegal strings out of our software.
Make software great again!
-
@doctorjones said in An invalid or illegal string was specified:
Oh fuck, an illegal string? I hope someone doesn't call the cops!
Don't worry, we're a sanctuary forum.
-
@doctorjones said in An invalid or illegal string was specified:
just a roundabout way of asking "what underwear are you wearing?"
that's just a roundabout way of telling us you are going commando, isn't it?
-
jQuery bug?
-
Decompiled: utils.js
addNoReferrer: function (containerEl) { containerEl.find('a').attr('rel', function (idx, value) { value = value ? value.split(' ') : []; ['noopener', 'noreferrer'].forEach(function (property) { if (!value.includes(property)) { value.push(property); } }); return value.join(' '); }); },
t is an array.
Are you fucking fukcing me, it's only supported in ff43+?!?
Can you at least wrap this in a try/catch? Or use
if (t.lastIndexOf(property) < 0)
?!?!?edit: "you" is the generic "you programmer peoples whoever you are"
-
@boomzilla said in An invalid or illegal string was specified:
jQuery bug?
Did the forum just update to a new version of jQuery.
-
@lorne-kates said in An invalid or illegal string was specified:
The forums has been broken for two days now.
I'm pretty sure it's been broken longer than that. A lot longer. CS. . Β . Β I don't think it's ever been not-broken, at least not while I've been here. Not to mention the broken users.
@lorne-kates said in An invalid or illegal string was specified:
I'm forced to use Chrome. Fucking Chrome.
Aw, poor baby.
-
@hardwaregeek said in An invalid or illegal string was specified:
Not to mention the broken users
It's better than being fixed!
-
For the first snippet, the unminified code is this:
/* QSA/matchesSelector ---------------------------------------------------------------------- */ // QSA and matchesSelector support // matchesSelector(:active) reports false when true (IE9/Opera 11.5) rbuggyMatches = []; // qSa(:focus) reports false when true (Chrome 21) // We allow this because of a bug in IE8/9 that throws an error // whenever `document.activeElement` is accessed on an iframe // So, we allow :focus to pass through QSA all the time to avoid the IE error // See https://bugs.jquery.com/ticket/13378 rbuggyQSA = []; if ( (support.qsa = rnative.test( document.querySelectorAll )) ) { // Build QSA regex // Regex strategy adopted from Diego Perini assert(function( el ) { // Select is set to empty string on purpose // This is to test IE's treatment of not explicitly // setting a boolean content attribute, // since its presence should be enough // https://bugs.jquery.com/ticket/12359 docElem.appendChild( el ).innerHTML = "<a id='" + expando + "'></a>" + "<select id='" + expando + "-\r\\' msallowcapture=''>" + "<option selected=''></option></select>"; // Support: IE8, Opera 11-12.16 // Nothing should be selected when empty strings follow ^= or $= or *= // The test attribute must be unknown in Opera but "safe" for WinRT // https://msdn.microsoft.com/en-us/library/ie/hh465388.aspx#attribute_section if ( el.querySelectorAll("[msallowcapture^='']").length ) { rbuggyQSA.push( "[*^$]=" + whitespace + "*(?:''|\"\")" ); } // Support: IE8 // Boolean attributes and "value" are not treated correctly if ( !el.querySelectorAll("[selected]").length ) { rbuggyQSA.push( "\\[" + whitespace + "*(?:value|" + booleans + ")" ); } // Support: Chrome<29, Android<4.4, Safari<7.0+, iOS<7.0+, PhantomJS<1.9.8+ if ( !el.querySelectorAll( "[id~=" + expando + "-]" ).length ) { rbuggyQSA.push("~="); } // Webkit/Opera - :checked should return selected option elements // http://www.w3.org/TR/2011/REC-css3-selectors-20110929/#checked // IE8 throws error here and will not see later tests if ( !el.querySelectorAll(":checked").length ) { rbuggyQSA.push(":checked"); } // Support: Safari 8+, iOS 8+ // https://bugs.webkit.org/show_bug.cgi?id=136851 // In-page `selector#id sibling-combinator selector` fails if ( !el.querySelectorAll( "a#" + expando + "+*" ).length ) { rbuggyQSA.push(".#.+[+~]"); } }); assert(function( el ) { el.innerHTML = "<a href='' disabled='disabled'></a>" + "<select disabled='disabled'><option/></select>"; // Support: Windows 8 Native Apps // The type and name attributes are restricted during .innerHTML assignment var input = document.createElement("input"); input.setAttribute( "type", "hidden" ); el.appendChild( input ).setAttribute( "name", "D" ); // Support: IE8 // Enforce case-sensitivity of name attribute if ( el.querySelectorAll("[name=d]").length ) { rbuggyQSA.push( "name" + whitespace + "*[*^$|!~]?=" ); } // FF 3.5 - :enabled/:disabled and hidden elements (hidden elements are still enabled) // IE8 throws error here and will not see later tests if ( el.querySelectorAll(":enabled").length !== 2 ) { rbuggyQSA.push( ":enabled", ":disabled" ); } // Support: IE9-11+ // IE's :disabled selector does not pick up the children of disabled fieldsets docElem.appendChild( el ).disabled = true; if ( el.querySelectorAll(":disabled").length !== 2 ) { rbuggyQSA.push( ":enabled", ":disabled" ); } // Opera 10-11 does not throw on post-comma invalid pseudos el.querySelectorAll("*,:x"); rbuggyQSA.push(",.*:"); }); }
That code is not meant to be exception-free. It's there to test your browser for various bugs so jQuery knows what to override.
If you're getting problems from that, you need to open the developer tools, go to the Sources tab, and uncheck "Pause on caught exceptions".
-
The second snippet is from here: https://github.com/NodeBB/NodeBB/blob/2e2b97033e63d0fa977f98dbe2188e96a77964f7/public/src/utils.js#L553
Paging @barisu / @julianlam
-
@tsaukpaetra said in An invalid or illegal string was specified:
@hardwaregeek said in An invalid or illegal string was specified:
Not to mention the broken users
It's better than being fixed!
It's not so bad, actually, if you're in the right place in your life.
-
Fixed the use of
.includes
, but if you want it, you're gonna have to run latestmaster
... or you could just apply this patch by hand:
From 5302e79b564f057105be467f885e0018b0605c58 Mon Sep 17 00:00:00 2001 From: Julian Lam <julian@nodebb.org> Date: Fri, 26 Jan 2018 13:22:28 -0500 Subject: [PATCH] fixing accidental usage of .includes @benlubar --- public/src/utils.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/public/src/utils.js b/public/src/utils.js index 2fcdfa8..d921573 100644 --- a/public/src/utils.js +++ b/public/src/utils.js @@ -550,7 +550,7 @@ value = value ? value.split(' ') : []; ['noopener', 'noreferrer'].forEach(function (property) { - if (!value.includes(property)) { + if (value.indexOf(property) === -1) { value.push(property); } }); -- 2.7.4
-
@julianlam said in An invalid or illegal string was specified:
Fixed
-
@julianlam said in An invalid or illegal string was specified:
... or you could just apply this patch by hand:
done
-
@boomzilla said in An invalid or illegal string was specified:
@tsaukpaetra said in An invalid or illegal string was specified:
@hardwaregeek said in An invalid or illegal string was specified:
Not to mention the broken users
It's better than being fixed!
It's not so bad, actually, if you're in the right place in your life.
I don't even know how to tell my current place in life, much less the right place in my life...