mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-30 01:15:25 -05:00
13 lines
375 B
Diff
13 lines
375 B
Diff
|
--- node_modules/mongoose/lib/document.js
|
||
|
+++ node_modules/mongoose/lib/document.js
|
||
|
@@ -689,6 +689,10 @@ function init(self, obj, doc, opts, prefix) {
|
||
|
|
||
|
function _init(index) {
|
||
|
i = keys[index];
|
||
|
+ // avoid prototype pollution
|
||
|
+ if (i === '__proto__' || i === 'constructor') {
|
||
|
+ return;
|
||
|
+ }
|
||
|
path = prefix + i;
|
||
|
schema = self.$__schema.path(path);
|