fix: apply v1 patch for the prototype pollution vulnerability

edmundhung · May 26, 2024 · cb604dd · cb604dd
1 parent 7a52c99
commit cb604dd
Showing 1 changed file with 12 additions and 2 deletions.
diff --git a/packages/conform-dom/formdata.ts b/packages/conform-dom/formdata.ts
@@ -33,7 +33,13 @@ export function getPaths(name: string): Array<string | number> {
 	return name
 		.split(/\.|(\[\d*\])/)
 		.reduce<Array<string | number>>((result, segment) => {
-			if (typeof segment !== 'undefined' && segment !== '') {
+			if (
+				typeof segment !== 'undefined' &&
+				segment !== '' &&
+				segment !== '__proto__' &&
+				segment !== 'constructor' &&
+				segment !== 'prototype'
+			) {
 				if (segment.startsWith('[') && segment.endsWith(']')) {
 					const index = segment.slice(1, -1);
 
@@ -87,7 +93,11 @@ export function setValue(
 		const nextKey = paths[index + 1];
 		const newValue =
 			index != lastIndex
-				? pointer[key] ?? (typeof nextKey === 'number' ? [] : {})
+				? Object.prototype.hasOwnProperty.call(pointer, key)
+					? pointer[key]
+					: typeof nextKey === 'number'
+					? []
+					: {}
 				: valueFn(pointer[key]);
 
 		pointer[key] = newValue;