Skip to content

Commit

Permalink
test from prototype pollution PR
Browse files Browse the repository at this point in the history
  • Loading branch information
substack committed Mar 22, 2022
1 parent aeb3e27 commit bc8ecee
Showing 1 changed file with 16 additions and 0 deletions.
16 changes: 16 additions & 0 deletions test/proto.js
Original file line number Diff line number Diff line change
Expand Up @@ -42,3 +42,19 @@ test('proto pollution (constructor)', function (t) {
t.equal(argv.y, undefined);
t.end();
});

test('proto pollution (constructor function)', function (t) {
var argv = parse(['--_.concat.constructor.prototype.y', '123']);
function fnToBeTested() {}
t.equal(fnToBeTested.y, undefined);
t.equal(argv.y, undefined);
t.end();
});

// powered by snyk - https://github.com/backstage/backstage/issues/10343
test('proto pollution (constructor function) snyk', function (t) {
var argv = parse('--_.constructor.constructor.prototype.foo bar'.split(' '));
t.equal((function(){}).foo, undefined);
t.equal(argv.y, undefined);
t.end();
})

0 comments on commit bc8ecee

Please sign in to comment.