From 752a3cde750ed2ee2d78d1ee90521080c1ceec53 Mon Sep 17 00:00:00 2001 From: Matthew Miller Date: Thu, 9 Oct 2014 13:43:36 -0500 Subject: [PATCH 1/2] fix($http): don't run transformData on HEAD methods 7b6c1d0 indadvertantly created this issue by using Content-Type to determine when to run fromJson. Because HEAD methods do not contain a body but are supposed to return the Content-Type header that would have been returned if it was a GET this functionality fails. --- src/ng/http.js | 9 ++++++--- test/ng/httpSpec.js | 23 +++++++++++++++++++++++ 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/src/ng/http.js b/src/ng/http.js index 272a8d5faadf..b38147fe7f11 100644 --- a/src/ng/http.js +++ b/src/ng/http.js @@ -755,9 +755,12 @@ function $HttpProvider() { function transformResponse(response) { // make a copy since the response must be cacheable - var resp = extend({}, response, { - data: transformData(response.data, response.headers, config.transformResponse) - }); + var resp = extend({}, response); + if(response.config.method.toLowerCase() === 'head'){ + resp.data = response.data; + } else { + resp.data = transformData(response.data, response.headers, config.transformResponse) + } return (isSuccess(response.status)) ? resp : $q.reject(resp); diff --git a/test/ng/httpSpec.js b/test/ng/httpSpec.js index 8fca3c84fcdc..d93c97ab2437 100644 --- a/test/ng/httpSpec.js +++ b/test/ng/httpSpec.js @@ -1074,6 +1074,17 @@ describe('$http', function() { }); + it('should deserialize json empty string when response header contains application/json', + function() { + $httpBackend.expect('GET', '/url').respond('""', {'Content-Type': 'application/json'}); + $http({method: 'GET', url: '/url'}).success(callback); + $httpBackend.flush(); + + expect(callback).toHaveBeenCalledOnce(); + expect(callback.mostRecentCall.args[0]).toEqual(''); + }); + + it('should deserialize json with security prefix', function() { $httpBackend.expect('GET', '/url').respond(')]}\',\n[1, "abc", {"foo":"bar"}]'); $http({method: 'GET', url: '/url'}).success(callback); @@ -1094,6 +1105,18 @@ describe('$http', function() { }); + it('should not attempt to deserialize json when HEAD request', function(){ + //per http spec for Content-Type, HEAD request should return a Content-Type header + //set to what the content type would have been if a get was sent + $httpBackend.expect('HEAD', '/url').respond('', {'Content-Type': 'application/json'}); + $http({method: 'HEAD', url: '/url'}).success(callback); + $httpBackend.flush(); + + expect(callback).toHaveBeenCalledOnce(); + expect(callback.mostRecentCall.args[0]).toEqual(''); + }); + + it('should not deserialize tpl beginning with ng expression', function() { $httpBackend.expect('GET', '/url').respond('{{some}}'); $http.get('/url').success(callback); From b5809b28afbca7a5298deefb18517953d1174c9d Mon Sep 17 00:00:00 2001 From: Matthew Miller Date: Thu, 9 Oct 2014 14:59:05 -0500 Subject: [PATCH 2/2] fix($http) added a missed semicolon --- src/ng/http.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ng/http.js b/src/ng/http.js index b38147fe7f11..612fa4c294e0 100644 --- a/src/ng/http.js +++ b/src/ng/http.js @@ -759,7 +759,7 @@ function $HttpProvider() { if(response.config.method.toLowerCase() === 'head'){ resp.data = response.data; } else { - resp.data = transformData(response.data, response.headers, config.transformResponse) + resp.data = transformData(response.data, response.headers, config.transformResponse); } return (isSuccess(response.status)) ? resp