don't eval <script> content when "src" is present

A SCRIPT tag can have both a "src" attribute and script content. In those cases, the remote script is downloaded and the content is ignored. Zepto should do the same when manually eval'ing SCRIPTs. Fixes madrobby#510
jasondscott · Sep 28, 2012 · 9ca4cdb · 9ca4cdb
1 parent 7cd4bcd
commit 9ca4cdb
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/src/zepto.js b/src/zepto.js
@@ -619,7 +619,8 @@ var Zepto = (function() {
         for (var i = 0; i < nodes.length; i++) {
           var node = nodes[inReverse ? nodes.length-i-1 : i]
           traverseNode(node, function(node){
-            if (node.nodeName != null && node.nodeName.toUpperCase() === 'SCRIPT' && (!node.type || node.type === 'text/javascript'))
+            if (node.nodeName != null && node.nodeName.toUpperCase() === 'SCRIPT' &&
+               (!node.type || node.type === 'text/javascript') && !node.src)
               window['eval'].call(window, node.innerHTML)
           })
           if (copyByClone && index < size - 1) node = node.cloneNode(true)