mirror of
https://github.com/discourse/discourse.git
synced 2024-12-14 20:43:54 +08:00
SECURITY: jquery CVE-2019-11358
This commit is contained in:
parent
e143cc1843
commit
922d93c1d4
3
vendor/assets/javascripts/jquery.js
vendored
3
vendor/assets/javascripts/jquery.js
vendored
|
@ -261,8 +261,9 @@ jQuery.extend = jQuery.fn.extend = function() {
|
|||
src = target[ name ];
|
||||
copy = options[ name ];
|
||||
|
||||
// Prevent Object.prototype pollution
|
||||
// Prevent never-ending loop
|
||||
if ( target === copy ) {
|
||||
if ( name === "__proto__" || target === copy ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user