Skip to main content

Search and Top Navigation

#6639 closed enhancement (worksforme)

Opened November 09, 2010 01:57PM UTC

Closed November 09, 2010 02:08PM UTC

Last modified October 11, 2012 09:15PM UTC

ui.autocomplete does not encode params prior to getJSON call

Reported by: paul.morgan Owned by:
Priority: minor Milestone:
Component: ui.autocomplete Version: 1.8.6
Keywords: autocomplete encode encodeURIComponent getJSON XHR Cc:
Blocked by: Blocking:

The Autocomplete plugin does not encode user input "out of the box" when using a remote data source - it just pipes it straight into a getJSON call.

As you can imagine, depending on the data sent, you may or may not get away with this.

This can be sorted out by including:

var prop;
for(prop in request) {
   request[prop] = encodeURIComponent(request[prop]);

...prior to the getJSON() call on line 248.

Please find attached a copy of the unminified autocomplete source with this added.

Note the new lines of code on 237, 249-251.

Attachments (1)
Change History (2)

Changed November 09, 2010 02:08PM UTC by jzaefferer comment:1

resolution: → worksforme
status: newclosed

$.getJSON delegates to $.get, which delegates to $.ajax, which uses $.param to serialize the data, which eventually uses encodeURIComponent.

If there's some way to send data without hitting encodeURIComponent, please provide a testcase.

Changed October 11, 2012 09:15PM UTC by scottgonzalez comment:2

milestone: TBD

Milestone TBD deleted