jQuery 1.6.3 Released

jquery 1.6.3 released

Soon after the jQuery 1.6.3 RC1 was made available to web developers, the official finished library was released. I guess testing went well! This is still pretty new so the jQuery crew need you to report any bugs!

Notable Changes

  • Fixed a cross site scripting attack vector: Script injection used to be possible when using location.hash to select elements. The new release disallows the use of html tags and, therefore scripts, in the $() if there is a # preceding it.
  • Removed support for requestAnimationFrame API: This API would tell the browser when to repaint an animation. The feature was unfortunately mis-used and caused an animation “worm hole” as the browser would execute queued animations concurrently when the browser tab went from inactive to active. Try it out here:

    In most cases, all you really had to do was empty the animation queue before executing and new animation. Scrapping this API to (seemingly) just reduce the number of bug reports is a bit like a waste in my opinion.
  • Better handling of HTML5 attributes: The .data() API has been improved to further support HTML 5 data attributes.

You can get a complete change log here.

Report a Bug

Here are the new releases, throw them on your site (or link to them) and see how they fare. AS ussual they have provided one minified version for efficient practical use, and an uncompressed version for you own reference and to make development a bit easier:

You’d be doing the online developement community a huge service by reporting any bugs on JsFiddle using the jQuery(edge) option.