fix($http): allow multiple json vulnerability prefixes

We strip out both:
)]}',
)]}'

2 files changed, 12 insertions, 1 deletions

diff --git a/src/service/http.js b/src/service/http.js
index f06b88fd..3b207a13 100644
--- a/src/service/http.js
+++ b/src/service/http.js
@@ -65,7 +65,8 @@ function $HttpProvider() {
     // transform in-coming reponse data
     transformResponse: function(data) {
       if (isString(data)) {
-        if (/^\)\]\}',\n/.test(data)) data = data.substr(6);
+        // strip json vulnerability protection prefix
+        data = data.replace(/^\)\]\}',?\n/, '');
         if (/^\s*[\[\{]/.test(data) && /[\}\]]\s*$/.test(data))
           data = fromJson(data, true);
       }
diff --git a/test/service/httpSpec.js b/test/service/httpSpec.js
index ad83bdf8..b39ac3d7 100644
--- a/test/service/httpSpec.js
+++ b/test/service/httpSpec.js
@@ -743,6 +743,16 @@ describe('$http', function() {
           expect(callback).toHaveBeenCalledOnce();
           expect(callback.mostRecentCall.args[0]).toEqual([1, 'abc', {foo:'bar'}]);
         });
+
+
+        it('should deserialize json with security prefix ")]}\'"', function() {
+          $httpBackend.expect('GET', '/url').respond(')]}\'\n\n[1, "abc", {"foo":"bar"}]');
+          $http({method: 'GET', url: '/url'}).on('200', callback);
+          $httpBackend.flush();
+
+          expect(callback).toHaveBeenCalledOnce();
+          expect(callback.mostRecentCall.args[0]).toEqual([1, 'abc', {foo:'bar'}]);
+        });
       });