Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't assume hasOwnProperty is safe #7

Merged
merged 2 commits into from
Feb 9, 2019
Merged

Don't assume hasOwnProperty is safe #7

merged 2 commits into from
Feb 9, 2019

Commits on Feb 8, 2019

  1. Don't assume hasOwnProperty is safe 

    It's not safe to use `hasOwnProperty` on an object that came from
`JSON.parse()`, since it may have been overwritten, as it is here:

    { "hasOwnProperty": "boom", "__proto__": { "foo": "bar" } }

Calling `node.hasOwnProperty('__proto__')` on this object results in a
`TypeError` since `hasOwnProperty` is a string and not a function.
    @rgrove
    rgrove committed Feb 8, 2019
    Configuration menu
    Copy the full SHA
    22d6a7c View commit details
    Browse the repository at this point in the history

  2. Be even safer by getting a hasOwnProperty reference early 

    hapijs#7 (comment)
    @rgrove
    rgrove committed Feb 8, 2019
    Configuration menu
    Copy the full SHA
    796d566 View commit details
    Browse the repository at this point in the history