IE6 : Download html without executing the contained javascript, in ISO-8859-1 charset

Question

Hi !

Here is a code (using jquery) i use to download a html file from which I extract a table and its content.

var url = $('#url').val(); // url to access

if ($.browser.msie && $.browser.version.substr(0,1)<7) {
 var frame = $('<iframe/>').css('display', 'none').attr('src', url );
 frame.appendTo('body')
        .load(function() {
            var data = frame.contents()[0].firstChild.innerHTML;
            frame.remove; // kill the frame
            extractReport(data); // extract the data table
        }); // load
}
else {
    $.ajaxSetup({
        'beforeSend' : function(xhr) {
            xhr.overrideMimeType('text/html; charset=ISO-8859-1');
            }
        }); // ajaxSetup
     $.ajax(
        {
        async:false,
        url:url, 
        error : function(XMLHttpRequest, textStatus, errorThrown) {
            alert(textStatus );
        }, 
        success:
                function(data, textStatus, XMLHttpRequest) {
                    extractReport(data); 
                    }
        }); // ajax
} //else

My problem is that when I use a xmlhttprequest active-X object in IE6, the responseText contains garbage for French characters. I managed to bypass this with an iframe (ie6 do not support overrideMimeType which I use for Firefox). But now the javascript contained in the html frame is executed. Is there a way in IE6 to download my html file in the correct charset without executing the javascript ?

Note: I am not authorized to change the Apache config to force a ISO-8859-1 charset.

My idea : Could the html be download as a plain text with an activeX ? The only one I know is ActiveXObject("Msxml2.XMLHTTP.6.0") and it fails.

Answer 1

Could the html be download as a plain text with an activeX? The only one I know is ActiveXObject("Msxml2.XMLHTTP.6.0") and it fails.

No. Indeed, IE does not support XMLHttpRequest Level 2's overrideMimeType method in any version to date, regardless of whether the native-JScript (IE7+) or the old-school ActiveX implementation is used.

overrideMimeType really is the only way to get XMLHttpRequest to receive text content in a different charset to the one it's marked as (UTF-8, if no Content-Type header charset is specified. A <meta>-set charset is no use because only an HTML parser would read that and XMLHttpRequest is not an HTML parser). There is no way to retreive raw binary using XMLHttpRequest.

[iframe method] without executing the contained javascript

Well, sort of. There's the IE6+-specific and generally-pretty-questionable attribute security, which changes the Zone of the child document. This usually has the effect of turning JavaScript off, amongst other side-effects, but exactly what happens is affected by the user's IE Restricted Sites Zone settings, so it's not really reliable.

var frame = $('<iframe security="restricted"/>').css('display', 'none').attr('src', url);

(and yes, you do have to put it in markup rather than setting it through a DOM property using attr or jQuery 1.4 attr creation shortcuts, which would usually be preferable.)

I would use this only as a last resort. I think it's going to cause you a bunch of problems.

I am not authorized to change the Apache config to force a ISO-8859-1 charset.

Well that sucks. Are you authorised to change the target page so it is UTF-8? Non-UTF-8 charsets are so last century!

if ($.browser.msie && $.browser.version.substr(0,1)<7)

Don't use browser sniffing. The capability you want to sniff for is overrideMimeType, so check for that:

if ('XMLHttpRequest' in window && 'overrideMimeType' in new XMLHttpRequest()) {
    // xmlhttp branch
} else if {
    // nasty iframe branch
}