diff --git a/packages/react-dom/src/__tests__/ReactServerRendering-test.internal.js b/packages/react-dom/src/__tests__/ReactServerRendering-test.internal.js
index b7c6eca3de0cc..5de87a4a71396 100644
--- a/packages/react-dom/src/__tests__/ReactServerRendering-test.internal.js
+++ b/packages/react-dom/src/__tests__/ReactServerRendering-test.internal.js
@@ -174,6 +174,19 @@ describe('ReactDOMServer', () => {
(__DEV__ ? '\n in iframe (at **)' : ''),
);
});
+
+ it('should not crash on poisoned hasOwnProperty', () => {
+ let html;
+ expect(
+ () =>
+ (html = ReactDOMServer.renderToString(
+
+
+
,
+ )),
+ ).toWarnDev(['React does not recognize the `hasOwnProperty` prop']);
+ expect(html).toContain('');
+ });
});
describe('renderToStaticMarkup', () => {
diff --git a/packages/react-dom/src/server/ReactPartialRenderer.js b/packages/react-dom/src/server/ReactPartialRenderer.js
index d3ca7a8c1c8e1..785b7a99f7571 100644
--- a/packages/react-dom/src/server/ReactPartialRenderer.js
+++ b/packages/react-dom/src/server/ReactPartialRenderer.js
@@ -308,6 +308,7 @@ function processContext(type, context) {
return maskedContext;
}
+const hasOwnProperty = Object.prototype.hasOwnProperty;
const STYLE = 'style';
const RESERVED_PROPS = {
children: null,
@@ -327,7 +328,7 @@ function createOpenTagMarkup(
let ret = '<' + tagVerbatim;
for (const propKey in props) {
- if (!props.hasOwnProperty(propKey)) {
+ if (!hasOwnProperty.call(props, propKey)) {
continue;
}
let propValue = props[propKey];
diff --git a/packages/react-dom/src/shared/DOMProperty.js b/packages/react-dom/src/shared/DOMProperty.js
index b01c069dbad0c..2027f35312a86 100644
--- a/packages/react-dom/src/shared/DOMProperty.js
+++ b/packages/react-dom/src/shared/DOMProperty.js
@@ -66,14 +66,15 @@ export const VALID_ATTRIBUTE_NAME_REGEX = new RegExp(
'^[' + ATTRIBUTE_NAME_START_CHAR + '][' + ATTRIBUTE_NAME_CHAR + ']*$',
);
+const hasOwnProperty = Object.prototype.hasOwnProperty;
const illegalAttributeNameCache = {};
const validatedAttributeNameCache = {};
export function isAttributeNameSafe(attributeName: string): boolean {
- if (validatedAttributeNameCache.hasOwnProperty(attributeName)) {
+ if (hasOwnProperty.call(validatedAttributeNameCache, attributeName)) {
return true;
}
- if (illegalAttributeNameCache.hasOwnProperty(attributeName)) {
+ if (hasOwnProperty.call(illegalAttributeNameCache, attributeName)) {
return false;
}
if (VALID_ATTRIBUTE_NAME_REGEX.test(attributeName)) {