@embeddable.com/sdk-core 4.1.7-next.0 → 4.1.8-next.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/index.esm.js +6 -2
- package/lib/index.esm.js.map +1 -1
- package/package.json +3 -3
package/lib/index.esm.js
CHANGED
|
@@ -5666,7 +5666,7 @@ function getAugmentedNamespace(n) {
|
|
|
5666
5666
|
return a;
|
|
5667
5667
|
}
|
|
5668
5668
|
|
|
5669
|
-
var version = "2.26.
|
|
5669
|
+
var version = "2.26.5";
|
|
5670
5670
|
var defaults = {
|
|
5671
5671
|
server: {
|
|
5672
5672
|
scrubHeaders: [
|
|
@@ -5755,7 +5755,7 @@ function requireMerge () {
|
|
|
5755
5755
|
copy,
|
|
5756
5756
|
clone,
|
|
5757
5757
|
name,
|
|
5758
|
-
result =
|
|
5758
|
+
result = Object.create(null), // no prototype pollution on Object
|
|
5759
5759
|
current = null,
|
|
5760
5760
|
length = arguments.length;
|
|
5761
5761
|
|
|
@@ -6450,6 +6450,10 @@ function requireUtility () {
|
|
|
6450
6450
|
if (!obj) {
|
|
6451
6451
|
return;
|
|
6452
6452
|
}
|
|
6453
|
+
|
|
6454
|
+
// Prevent prototype pollution by setting the prototype to null.
|
|
6455
|
+
Object.setPrototypeOf(obj, null);
|
|
6456
|
+
|
|
6453
6457
|
var keys = path.split('.');
|
|
6454
6458
|
var len = keys.length;
|
|
6455
6459
|
if (len < 1) {
|