diff options
| author | Peter Bacon Darwin | 2013-10-05 10:49:09 +0100 |
|---|---|---|
| committer | Vojta Jina | 2013-10-07 09:01:13 -0700 |
| commit | 7a586e5c19f3d1ecc3fefef084ce992072ee7f60 (patch) | |
| tree | 2690c915adb20d92a065d9ad9d7438766d4620f8 /src/Angular.js | |
| parent | fb99f542060d3959d273634c90889788861b5c05 (diff) | |
| download | angular.js-7a586e5c19f3d1ecc3fefef084ce992072ee7f60.tar.bz2 | |
fix(*): protect calls to hasOwnProperty in public API
Objects received from outside AngularJS may have had their `hasOwnProperty`
method overridden with something else. In cases where we can do this without
incurring a performance penalty we call directly on Object.prototype.hasOwnProperty
to ensure that we use the correct method.
Also, we have some internal hash objects, where the keys for the map are provided
from outside AngularJS. In such cases we either prevent `hasOwnProperty` from
being used as a key or provide some other way of preventing our objects from
having their `hasOwnProperty` overridden.
BREAKING CHANGE: Inputs with name equal to "hasOwnProperty" are not allowed inside
form or ngForm directives.
Before, inputs whose name was "hasOwnProperty" were quietly ignored and not added
to the scope. Now a badname exception is thrown.
Using "hasOwnProperty" for an input name would be very unusual and bad practice.
Either do not include such an input in a `form` or `ngForm` directive or change
the name of the input.
Closes #3331
Diffstat (limited to 'src/Angular.js')
| -rw-r--r-- | src/Angular.js | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/src/Angular.js b/src/Angular.js index b7d77437..879efb35 100644 --- a/src/Angular.js +++ b/src/Angular.js @@ -3,16 +3,6 @@ //////////////////////////////////// /** - * hasOwnProperty may be overwritten by a property of the same name, or entirely - * absent from an object that does not inherit Object.prototype; this copy is - * used instead - */ -var hasOwnPropertyFn = Object.prototype.hasOwnProperty; -var hasOwnPropertyLocal = function(obj, key) { - return hasOwnPropertyFn.call(obj, key); -}; - -/** * @ngdoc function * @name angular.lowercase * @function @@ -691,6 +681,8 @@ function shallowCopy(src, dst) { dst = dst || {}; for(var key in src) { + // shallowCopy is only ever called by $compile nodeLinkFn, which has control over src + // so we don't need to worry hasOwnProperty here if (src.hasOwnProperty(key) && key.substr(0, 2) !== '$$') { dst[key] = src[key]; } @@ -1188,6 +1180,17 @@ function assertArgFn(arg, name, acceptArrayAnnotation) { } /** + * throw error if the name given is hasOwnProperty + * @param {String} name the name to test + * @param {String} context the context in which the name is used, such as module or directive + */ +function assertNotHasOwnProperty(name, context) { + if (name === 'hasOwnProperty') { + throw ngMinErr('badname', "hasOwnProperty is not a valid {0} name", context); + } +} + +/** * Return the value accessible from the object by path. Any undefined traversals are ignored * @param {Object} obj starting object * @param {string} path path to traverse |