mde / ejs

Embedded JavaScript templates -- http://ejs.co
Apache License 2.0

Fix potential security issue caused by Prototype Pollution #673

Closed ttpf-x closed 2 years ago

ttpf-x commented 2 years ago

There are omissions in the regular matching repair method. Replace the regular matching repair method with a more concise, efficient and safe method, that is, traverse the prototype attribute of opts once and set it to undefined. See lines 508 to 519 for details.

mde commented 2 years ago

Looks like this PR has introduced a bunch of whitespace changes as well.

mde commented 2 years ago

Also worth noting, this approach does not handle non-enumerable properties added to a prototype via defineProperty.
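
The gap noted in the last comment, shown as an added example that is not part of the PR or the ejs code base: a `for...in` pass shadows enumerable inherited keys but never sees a non-enumerable one created with `defineProperty`. The function names, the `pollutedEnum`/`pollutedHidden` keys and the null-prototype copy shown for contrast are assumptions made for illustration.

```javascript
'use strict';

// Approach described in the PR: walk opts once with for...in and shadow
// every inherited key with an own `undefined` value.
function shadowInherited(opts) {
  for (const key in opts) {
    if (!Object.prototype.hasOwnProperty.call(opts, key)) {
      opts[key] = undefined;
    }
  }
  return opts;
}

// Contrast (assumption, not the PR's code): copy only own enumerable keys
// onto an object with no prototype, so nothing can be inherited at all.
function ownOnly(opts) {
  const clean = Object.create(null);
  for (const key of Object.keys(opts)) {
    clean[key] = opts[key];
  }
  return clean;
}

function demo() {
  // Constructed sample: one enumerable and one non-enumerable property
  // placed on Object.prototype, removed again in the finally block.
  const base = { configurable: true, writable: true };
  Object.defineProperty(Object.prototype, 'pollutedEnum',
    { ...base, value: 'x', enumerable: true });
  Object.defineProperty(Object.prototype, 'pollutedHidden',
    { ...base, value: 'y', enumerable: false });
  try {
    const shadowed = shadowInherited({ delimiter: '%' });
    const clean = ownOnly({ delimiter: '%' });
    return {
      shadowedEnum: shadowed.pollutedEnum,     // shadowed by the loop
      shadowedHidden: shadowed.pollutedHidden, // missed: still inherited
      cleanEnum: clean.pollutedEnum,
      cleanHidden: clean.pollutedHidden,
      cleanDelimiter: clean.delimiter,
    };
  } finally {
    delete Object.prototype.pollutedEnum;
    delete Object.prototype.pollutedHidden;
  }
}

console.log(demo());
```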