dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SECURITY: resources: Patch jQuery 3.2.1 for CVE-2019-11358
[lhc/web/wiklou.git] / resources / lib / jquery / jquery.js
diff --git a/resources/lib/jquery/jquery.js b/resources/lib/jquery/jquery.js
index d2d8ca4..2cf479d 100644 (file)
--- a/resources/lib/jquery/jquery.js
+++ b/resources/lib/jquery/jquery.js
@@ -229,8 +229,9 @@ jQuery.extend = jQuery.fn.extend = function() {
                                src = target[ name ];
                                copy = options[ name ];
 
+                               // Prevent Object.prototype pollution
                                // Prevent never-ending loop
-                               if ( target === copy ) {
+                               if ( name === "__proto__" || target === copy ) {
                                        continue;
                                }
 
Wiklou, le Wiki du Wiklou