chore: added test for prototype pollution protection

cure53 · Aug 27, 2020 · db7ec8b · db7ec8b
1 parent 082b204
commit db7ec8b
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/test/test-suite.js b/test/test-suite.js
@@ -1464,4 +1464,16 @@ module.exports = function (DOMPurify, window, tests, xssTests) {
       ]);
     }
   );
+  QUnit.test(
+    'Test protection from prototype pollution attacks',
+    function (assert) {
+
+      const obj = JSON.parse('{"ALLOWED_ATTR":["onerror","src"]}');
+      for (let [k, v] of Object.entries(obj)) {
+        Object.prototype[k] = v;
+      }
+      var clean = DOMPurify.sanitize('<img src=x onerror=alert(1)>');
+      assert.equal(clean, '<img src="x">');
+    }
+  );
 };