Skip to content

Commit

Permalink
Prevent prototype pollution while parsing query strings on V1 (#2523)
Browse files Browse the repository at this point in the history
* Prevent prototype pollution while parsing query strings

* Finalize querystring fix and ensure working tests. Implements changes made in e58e918

* Update documentation to note the prototype pollution vuln fix

* Update docs/change-log.md

Co-Authored-By: Isiah Meadows <[email protected]>


Co-authored-by: Isiah Meadows <[email protected]>
  • Loading branch information
Hunter-Dolan and dead-claudia committed Sep 10, 2019
1 parent 8d30578 commit b2b4800
Show file tree
Hide file tree
Showing 4 changed files with 370 additions and 317 deletions.
2 changes: 2 additions & 0 deletions docs/change-log.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@

- core: Workaround for [Internet Explorer bug](https://www.tjvantoll.com/2013/08/30/bugs-with-document-activeelement-in-internet-explorer/) when running in an iframe

- Fix prototype pollution vulnerability in `m.parseQueryString` ([#2523](https://github.com/MithrilJS/mithril.js/pull/2523) [@isiahmeadows](https://github.com/isiahmeadows) [@Hunter-Dolan](https://github.com/Hunter-Dolan))


### v1.1.6

Expand Down
Loading

0 comments on commit b2b4800

Please sign in to comment.