diff --git a/package.json b/package.json index e4f7043b8..270a725c2 100644 --- a/package.json +++ b/package.json @@ -47,7 +47,7 @@ "debug": "^3.1.0", "eventsource": "^1.0.5", "iconv-lite": "^0.4.21", - "jsdom": "11.5.1", + "jsdom": "11.12.0", "lodash": "^4.17.10", "mime": "^2.3.1", "ms": "^2.1.1", diff --git a/src/document.js b/src/document.js index e49384703..523b915db 100644 --- a/src/document.js +++ b/src/document.js @@ -149,7 +149,12 @@ function setupWindow(window, args) { window.MouseEvent = DOM.MouseEvent; window.MutationEvent = DOM.MutationEvent; window.UIEvent = DOM.UIEvent; - window.screen = new Screen(); + const screen = new Screen(); + Object.defineProperty(window, 'screen',{ + get(){ + return screen; + } + }); // for inline event handlers window._globalProxy.Function = Function; diff --git a/src/dom/scripts.js b/src/dom/scripts.js index 956574b1a..a2b2b3fcd 100644 --- a/src/dom/scripts.js +++ b/src/dom/scripts.js @@ -43,11 +43,18 @@ Object.defineProperty(HTMLScriptElementImpl, 'init', { } } + obj._poppedOffStackOfOpenElements = function(){ + //not being used, causing double js execution + } } }); function _eval(text, filename) { + if (this._alreadyStarted) + return; + + this._alreadyStarted = true; const typeString = this._getTypeString(); const _defaultView = this._ownerDocument._defaultView; if (_defaultView && _defaultView._runScripts === 'dangerously' && jsMIMETypes.has(typeString.toLowerCase())) { diff --git a/src/xhr.js b/src/xhr.js index 1b21f920c..41062d5c3 100644 --- a/src/xhr.js +++ b/src/xhr.js @@ -179,14 +179,12 @@ class XMLHttpRequest { // CORS request, check origin, may lead to new error if (this._cors) { const allowedOrigin = response.headers.get('Access-Control-Allow-Origin'); - if (!(allowedOrigin === '*' || allowedOrigin === this._cors)) { - this._error = new DOMException(DOMException.SECURITY_ERR, 'Cannot make request to different domain'); - } + if (!(allowedOrigin === '*' || allowedOrigin === this._cors)) + this._error = new DOMException(DOMException.SECURITY_ERR, 'Cannot make request to different domain') else if (!/^(GET|HEAD|POST)$/.test(this._method)) { const allowedMethods = response.headers.get('Access-Control-Allow-Methods'); - if (!allowedMethods || allowedMethods.indexOf(request.method) == -1) { + if (!allowedMethods || allowedMethods.indexOf(request.method) == -1) this._error = new DOMException(DOMException.SECURITY_ERR, 'Cannot make request with not-allowed method('+this._method+')'); - } } if (this._error) { this._browser.errors.push(this._error);