language-servers/deno
1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-08-03 18:38:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Remove Object.prototype.__proto__ (#4341)

Browse source
This commit is contained in:
Kitson Kelly 2020-03-15 21:34:22 +11:00 committed by GitHub
parent 64a35acd64
commit 2f4be6e944
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 24 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
cli/js/compiler.ts
View file

@ -400,6 +400,12 @@ function bootstrapWasmCompilerRuntime(): void {
globalThis.onmessage = wasmCompilerOnMessage;
}
// Removes the `__proto__` for security reasons. This intentionally makes
// Deno non compliant with ECMA-262 Annex B.2.2.1
//
// eslint-disable-next-line @typescript-eslint/no-explicit-any
delete (Object.prototype as any).__proto__;
Object.defineProperties(globalThis, {
bootstrapWasmCompilerRuntime: {
value: bootstrapWasmCompilerRuntime,

6
cli/js/main.ts
View file

@ -2,6 +2,12 @@
import { bootstrapMainRuntime } from "./runtime_main.ts";
import { bootstrapWorkerRuntime } from "./runtime_worker.ts";
// Removes the `__proto__` for security reasons. This intentionally makes
// Deno non compliant with ECMA-262 Annex B.2.2.1
//
// eslint-disable-next-line @typescript-eslint/no-explicit-any
delete (Object.prototype as any).__proto__;
Object.defineProperties(globalThis, {
bootstrapMainRuntime: {
value: bootstrapMainRuntime,