Skip to content

Commit

Permalink
__proto__ own copying doc
Browse files Browse the repository at this point in the history
  • Loading branch information
@davidmarkclements
davidmarkclements committed Feb 23, 2023
1 parent 668afd6 commit 5e19659
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,14 @@ All files | 100 | 100 | 100 | 100 | |
----------|----------|----------|----------|----------|-------------------|
```

### `__proto__` own property copying

`rfdc` works the same way as `Object.assign` when it comes to copying `['__proto__']` (e.g. when
an object has an own property key called '__proto__'). It results in the target object
prototype object being set per the value of the `['__proto__']` own property.

For detailed write-up on how a way to handle this security-wise see https://www.fastify.io/docs/latest/Guides/Prototype-Poisoning/.

## License

MIT

0 comments on commit 5e19659

Please sign in to comment.