};
var scriptsLoaded = {};
- CRM.loadScript = function(url) {
+ CRM.loadScript = function(url, appendCacheCode) {
if (!scriptsLoaded[url]) {
- var script = document.createElement('script');
+ var script = document.createElement('script'),
+ src = url;
+ if (appendCacheCode !== false) {
+ src += (_.includes(url, '?') ? '&r=' : '?r=') + CRM.config.resourceCacheCode;
+ }
scriptsLoaded[url] = $.Deferred();
script.onload = function () {
// Give the script time to execute
CRM.CMSjQuery = window.jQuery;
window.jQuery = CRM.$;
}
- script.src = url + (_.includes(url, '?') ? '&r=' : '?r=') + CRM.config.resourceCacheCode;
+ script.src = src;
document.getElementsByTagName("head")[0].appendChild(script);
}
return scriptsLoaded[url];
return (yiq >= 128) ? 'black' : 'white';
};
+ // CVE-2015-9251 - Prevent auto-execution of scripts when no explicit dataType was provided
+ $.ajaxPrefilter(function(s) {
+ if (s.crossDomain) {
+ s.contents.script = false;
+ }
+ });
+
})(jQuery, _);