Client-side prototype pollution #4322
Unanswered
Dinesh-loma
asked this question in
5. Bugs
Replies: 1 comment
-
|
There is no code in Alpine that deals with query strings You are likely looking for https://github.com/livewire/livewire history plugin. But you'll see here: https://github.com/livewire/livewire/blob/b158c6386a892efc6c5e4682e682829baac1f933/js/plugins/history/index.js#L272 that this is handled. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
The client-side prototype pollution source
__proto__[property]is read from the query string.example : https://xxxxx.com/xxxx?__proto__[dcb52823]=qblsuvcruj
CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Beta Was this translation helpful? Give feedback.
All reactions