Skip to content
Permalink
Browse files
Fixed prototype pollution. #6
  • Loading branch information
fabiocaccamo committed Dec 6, 2021
1 parent 457473e commit 102efafb291ce1916985514440d3bf8a6826890a
Showing with 8 additions and 0 deletions.
  1. +3 −0 src/utils/ObjectUtil.js
  2. +5 −0 test/test_object.js
@@ -217,6 +217,9 @@ ObjectUtil = {
var cursor = obj;
for (var i = 0, j = keys.length; i < j; i++) {
key = keys[i];
if (key === '__proto__') {
break;
}
if (!TypeUtil.isObject(cursor[key])) {
cursor[key] = {};
}
@@ -304,6 +304,11 @@ describe('object', function() {
f(o, 'e.f.g', 'ok 2');
test.assertEqual(o['e']['f']['g'], 'ok 2');
});
it('test prototype pollution', function() {
f(o, '__proto__.polluted', true);
test.assertUndefined(o['polluted']);
test.assertUndefined({}.polluted);
});
});
describe('length', function() {
var f = obj.length;

0 comments on commit 102efaf

Please sign in to comment.