Avoid using location.hash as jQuery selector directly

mislav · mislav · commit c3ca1c3b1f79 · 2014-12-02T21:29:24.000-08:00
The URI fragment might have all sorts of data in it and will not always
be a valid CSS query. The previous approach could have led to Sizzle
syntax errors.

Since we're only allowing lookups by ID, use `getElementById` here which
will never error out, even for malformed values.
diff --git a/jquery.pjax.js b/jquery.pjax.js
@@ -327,8 +327,8 @@ function pjax(options) {
       pjax.state.url = url.href
       window.history.replaceState(pjax.state, container.title, url.href)
 
-      var target = $(url.hash)
-      if (target.length) $(window).scrollTop(target.offset().top)
+      var target = document.getElementById(url.hash.slice(1))
+      if (target) $(window).scrollTop($(target).offset().top)
     }
 
     fire('pjax:success', [data, status, xhr, options])

Original file line number	Diff line number	Diff line change
`@@ -327,8 +327,8 @@ function pjax(options) {`
`327`	`327`	`pjax.state.url = url.href`
`328`	`328`	`window.history.replaceState(pjax.state, container.title, url.href)`
`329`	`329`
`330`		`- var target = $(url.hash)`
`331`		`- if (target.length) $(window).scrollTop(target.offset().top)`
	`330`	`+ var target = document.getElementById(url.hash.slice(1))`
	`331`	`+ if (target) $(window).scrollTop($(target).offset().top)`
`332`	`332`	`}`
`333`	`333`
`334`	`334`	`fire('pjax:success', [data, status, xhr, options])`