Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add upper bound for coffeescript (for now)
- Loading branch information
1 parent
bd0f780
commit b856cb8
b856cb8There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FYI this upper limit change has
parseStringreturning[Object: null prototype]which breaks anyone using.hasOwnProperty()and other inherited object functions.b856cb8There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was looking into the tests.
A way to check hasOwnProperty is:
{}.hasOwnProperty.call(xmlObjectHere, 'propertyname')so you can't inject protos as I have seen in the discussions
b856cb8There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bonjonbovi87 No, this has nothing to do with it. The reason why it doesn't work is because #603 was merged to avoid a security issue.
b856cb8There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oops, I see, thanks. Missed it because the file date is 2 years ago due to the original commit.