dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SECURITY: resources: Patch jQuery 3.3.1 for CVE-2019-11358
[lhc/web/wiklou.git] / resources / lib / jquery / jquery.migrate.js
diff --git a/resources/lib/jquery/jquery.migrate.js b/resources/lib/jquery/jquery.migrate.js
index 992a734..711e424 100644 (file)
--- a/resources/lib/jquery/jquery.migrate.js
+++ b/resources/lib/jquery/jquery.migrate.js
@@ -3,6 +3,9 @@
  * Copyright jQuery Foundation and other contributors
  *
  * Patched for MediaWiki:
+ * - Qualify the global lookup for 'jQuery' as 'window.jQuery',
+ *   because within mw.loader.implement() for 'jquery', the closure
+ *   specifies '$' and 'jQuery', which are undefined.
  * - Add mw.track instrumentation for statistics.
  * - Disable jQuery.migrateTrace by default. They are slow and
  *   redundant given console.warn() already provides a trace.
@@ -20,7 +23,8 @@
        } else {
 
                // Browser globals
-               factory( jQuery, window );
+               // PATCH: Qualify jQuery lookup as window.jQuery. --Krinkle
+               factory( window.jQuery, window );
        }
 } )( function( jQuery, window ) {
 "use strict";
Wiklou, le Wiki du Wiklou