Skip to content

Commit

Permalink
test prototype pollution
Browse files Browse the repository at this point in the history
  • Loading branch information
@oliviertassinari
oliviertassinari committed Oct 22, 2019
1 parent ad473f9 commit a5a2d23
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions packages/material-ui-utils/src/deepmerge.test.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
import deepmerge from './deepmerge';
import { expect } from 'chai';

describe('deepmerge', () => {
// https://snyk.io/blog/after-three-years-of-silence-a-new-jquery-prototype-pollution-vulnerability-emerges-once-again/
it('should not be subject to prototype pollution', () => {
deepmerge({}, JSON.parse('{ "myProperty": "a", "__proto__" : { "isAdmin" : true } }'));
expect({}.isAdmin, undefined);
});
});

0 comments on commit a5a2d23

Please sign in to comment.