Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

failing security test for non-enumerable linking

  • Loading branch information...
commit d2f1f37ceb3f1adc195528df4da41144e739c87a 1 parent 588990c
James Halliday substack authored
2  test/args.js
... ... @@ -1,5 +1,5 @@
1 1 var assert = require('assert');
2   -var protocol = require('dnode-protocol');
  2 +var protocol = require('../');
3 3
4 4 function argv () { return arguments }
5 5
2  test/fn.js
... ... @@ -1,5 +1,5 @@
1 1 var assert = require('assert');
2   -var proto = require('dnode-protocol');
  2 +var proto = require('../');
3 3 var Traverse = require('traverse');
4 4 var EventEmitter = require('events').EventEmitter;
5 5
2  test/proto.js
... ... @@ -1,5 +1,5 @@
1 1 var assert = require('assert');
2   -var proto = require('dnode-protocol');
  2 +var proto = require('../');
3 3 var Traverse = require('traverse');
4 4
5 5 exports.protoHashes = function () {
20 test/scrub.js
... ... @@ -1,5 +1,5 @@
1 1 var assert = require('assert');
2   -var Scrubber = require('dnode-protocol').Scrubber;
  2 +var Scrubber = require('../').Scrubber;
3 3
4 4 exports.noFuncs = function () {
5 5 var s = new Scrubber;
@@ -77,3 +77,21 @@ exports.multilink = function () {
77 77 ],
78 78 });
79 79 };
  80 +
  81 +exports.enumLink = function () {
  82 + var s = new Scrubber;
  83 + var req = {
  84 + method : 0,
  85 + arguments : [ 33, '[Function]' ],
  86 + callbacks : { 0 : [ '1' ] },
  87 + links : [ {
  88 + from : [ '0' ],
  89 + to : [ '1', 'constructor', 'prototype', 'beep' ]
  90 + } ]
  91 + };
  92 +
  93 + var args = s.unscrub(req, function (id) {
  94 + return function () {};
  95 + });
  96 + assert.ok(!(function () {}).beep, 'created non-enumerable property');
  97 +};

0 comments on commit d2f1f37

Please sign in to comment.
Something went wrong with that request. Please try again.