Skip to content

Commit

Permalink
Fix prototype-polluting vulnerability
Browse files Browse the repository at this point in the history
  • Loading branch information
@jibrang
jibrang committed Aug 30, 2024
1 parent 3f17eb1 commit a549b0e
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions target/braintree-1.3.10.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2366,10 +2366,9 @@ sjcl.random = {
}
}

const forbiddenKeys = ['__proto__', 'constructor', 'prototype'];
for (i=0; i<jsTemp.length; i++) {
j = jsTemp[i];
if (forbiddenKeys.includes(j)) {
if (j === '__proto__' || j === 'constructor' || j === 'prototype') {
continue;
}
delete cbs[j];
Expand Down

0 comments on commit a549b0e

Please sign in to comment.