Skip to content
This repository has been archived by the owner on Dec 19, 2023. It is now read-only.

Commit

Permalink
Merge pull request #1 from alromh87/master
Browse files Browse the repository at this point in the history 
Fix Prototype Pollution
  • Loading branch information
@JamieSlome
JamieSlome authored Oct 19, 2020
2 parents 61a8b9a + 3de26e9 commit e18b903
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions lib/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,10 @@ class Y18N {
}

updateLocale (obj: Locale) {
if ('__proto__' === this.locale){
throw new Error('Prototype pollution attempt detected');
}

if (!this.cache[this.locale]) this._readLocaleFile()

for (const key in obj) {
Expand Down

0 comments on commit e18b903

Please sign in to comment.