File tree Expand file tree Collapse file tree 2 files changed +45
-3
lines changed Expand file tree Collapse file tree 2 files changed +45
-3
lines changed Original file line number Diff line number Diff line change @@ -450,4 +450,44 @@ describe("Utility Function Tests:", function () {
450450 } ) ;
451451 } ) ;
452452 } ) ; // end parseS3 tests
453+
454+
455+ describe ( "deepMerge" , function ( ) {
456+
457+ it ( "Should deep merge objects" , function ( ) {
458+ let obj1 = {
459+ "a" : {
460+ "b" : {
461+ "c" : "test"
462+ }
463+ }
464+ } ;
465+ let obj2 = {
466+ "a" : {
467+ "b" : {
468+ "c" : "test2"
469+ }
470+ }
471+ } ;
472+
473+ expect ( utils . deepMerge ( obj1 , obj2 ) ) . toEqual ( {
474+ "a" : {
475+ "b" : {
476+ "c" : "test2"
477+ }
478+ }
479+ } ) ;
480+ } )
481+
482+ it ( "Prevents prototype pollution" , function ( ) {
483+ let payload = '{"__proto__":{"polluted":true}}' ;
484+ expect ( { } . polluted ) . toBeUndefined ( ) ;
485+ utils . deepMerge ( { } , JSON . parse ( payload ) ) ;
486+ expect ( { } . polluted ) . toBeUndefined ( ) ;
487+ } )
488+
489+
490+ } ) ; // end deepMerge tests
491+
492+
453493} ) ; // end UTILITY tests
Original file line number Diff line number Diff line change @@ -157,9 +157,11 @@ exports.parseS3 = (path) => {
157157
158158// Deep Merge
159159exports . deepMerge = ( a , b ) => {
160- Object . keys ( b ) . forEach ( ( key ) =>
161- key in a ? this . deepMerge ( a [ key ] , b [ key ] ) : Object . assign ( a , b )
162- ) ;
160+ Object . keys ( b ) . forEach ( ( key ) => {
161+ if ( key === '__proto__' ) return ;
162+ if ( typeof b [ key ] !== 'object' ) return Object . assign ( a , b ) ;
163+ return key in a ? this . deepMerge ( a [ key ] , b [ key ] ) : Object . assign ( a , b ) ;
164+ } ) ;
163165 return a ;
164166} ;
165167
You can’t perform that action at this time.
0 commit comments