Skip to content

Commit

Permalink
Fix prototype pollution on unflatten
Browse files Browse the repository at this point in the history
Fixes #105.
  • Loading branch information
MatthiasKunnen authored and timoxley committed Aug 6, 2020
1 parent e8fb281 commit 20ef0ef
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions index.js
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,10 @@ function unflatten (target, opts) {
let recipient = result

while (key2 !== undefined) {
if (key1 === '__proto__') {
return
}

const type = Object.prototype.toString.call(recipient[key1])
const isobject = (
type === '[object Object]' ||
Expand Down

0 comments on commit 20ef0ef

Please sign in to comment.