Skip to content

Commit

Permalink
Fix Prototype Pollution
Browse files Browse the repository at this point in the history
  • Loading branch information
@alromh87 @pierreinglebert
alromh87 authored and pierreinglebert committed Oct 13, 2020
1 parent f3d6c8e commit 67ad7dd
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions lib/apply.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@ module.exports = function apply(target, patch) {
var keys = Object.keys(patch);
for (var i = 0; i < keys.length; i++) {
var key = keys[i];
if (key === '__proto__' || key === 'constructor' || key === 'prototype') {
return target;
}
if (patch[key] === null) {
if (target.hasOwnProperty(key)) {
delete target[key];
Expand Down

0 comments on commit 67ad7dd

Please sign in to comment.