Security fix for Prototype Pollution (#20)
Co-authored-by: Arjun Shibu <arjunshibu1999@gmail.com>
Co-authored-by: Jamie Slome <jamie@418sec.com>
Co-authored-by: Shawn <BadOPCode@users.noreply.github.com>
4 people authored Nov 11, 2021
1 parent 78f4ffa commit b9cc2b3
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion src/Merge.ts
Expand Up @@ -47,13 +47,18 @@ const handleDefaultBehavior = (originalObject: any, newObject: any, behavior?:
if (originalTypeName === "Object" && newTypeName === "Object") { // built-in behavior
// tslint:disable:forin
for (const p in newObject) {
if (isPrototypePolluted(p)) continue
originalObject[p] = processBehavior(originalObject[p], newObject[p], behavior);
}
// tslint:enable:forin
return originalObject;
}
};

const isPrototypePolluted = (key: any) => {
return ['__proto__', 'constructor', 'prototype'].includes(key)
}

/**
* Recursively merge two objects together.
* @param originalObject The base object. Properties here will be overwritten
Expand All @@ -72,7 +77,7 @@ export const Merge = (originalObject: any, newObject: any, behavior?: IMergeBeha
return definedBehaviorResults;
}
}

return handleDefaultBehavior(originalObject, newObject, behavior);
};

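Review bot: The key filter added inside the `for (const p in newObject)` loop of `handleDefaultBehavior` protects only the built-in Object/Object branch; `Merge` (second hunk) returns `definedBehaviorResults` before it reaches that loop, so any property assignment on the custom-behavior path is presumably unfiltered and should be checked. Both functions start outside the visible hunks, so this is inferred from the lines shown. The skip is also silent and drops legitimate data keys named `constructor` or `prototype`, so I would document it on the helper, e.g. `/** Keys that are never copied during a merge, because writing them can reach Object.prototype. */`, and mention it in the `Merge` doc comment. As style points, `key: any` can be `key: string` because `for...in` yields strings, and a name such as `isUnsafeKey` describes the check better than `isPrototypePolluted`. The commit changes one file only, so a regression test that merges `JSON.parse('{"__proto__":{"x":1}}')` into `{}` and asserts `({} as any).x === undefined` would keep the fix from regressing.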
