Skip to content

Commit

Permalink
Merge pull request #1 from zpbrent/patch-1
Browse files Browse the repository at this point in the history 
Security Fix for Prototype Pollution in mquery
  • Loading branch information
huntr.dev | the place to protect open source committed Mar 29, 2021
2 parents 34344fa + a7b6d7c commit d3b230b
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions lib/utils.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,6 +170,9 @@ exports.mergeClone = function mergeClone(to, from) {

while (i--) {
key = keys[i];
if (specialProperties.indexOf(key) !== -1) {
continue;
}
if ('undefined' === typeof to[key]) {
to[key] = clone(from[key]);
} else {
Expand Down

0 comments on commit d3b230b

Please sign in to comment.