From a5df1fc41fcd5c9a72e3db7c861966fb68622e48 Mon Sep 17 00:00:00 2001
From: Misko Hevery
Date: Sat, 11 Dec 2010 10:07:10 -0800
Subject: Stricter JSON parsing, for security

---
 test/JsonSpec.js | 12 ++++++++++++
 1 file changed, 12 insertions(+)
(limited to 'test')

diff --git a/test/JsonSpec.js b/test/JsonSpec.js
index f0019bef..ba3366e5 100644
--- a/test/JsonSpec.js
+++ b/test/JsonSpec.js
@@ -151,6 +151,18 @@ describe('json', function(){
 expect(function(){fromJson('[].constructor');}).
 toThrow(new Error("Parse Error: Token '.' is not valid json at column 3 of expression [[].constructor] starting at [.constructor]."));
 });
+
+ it('should not allow object dereference', function(){
+ expect(function(){fromJson('{a:1, b: $location, c:1}');}).toThrow();
+ expect(function(){fromJson("{a:1, b:[1]['__parent__']['location'], c:1}");}).toThrow();
+ });
+
+ it('should not allow assignments', function(){
+ expect(function(){fromJson("{a:1, b:[1]=1, c:1}");}).toThrow();
+ expect(function(){fromJson("{a:1, b:=1, c:1}");}).toThrow();
+ expect(function(){fromJson("{a:1, b:x=1, c:1}");}).toThrow();
+ });
+
 });
 });
-- 
cgit v1.2.3
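Review bot: All five new expectations use a bare `toThrow()`, so they pass on any exception at all — a ReferenceError because `fromJson` is not in scope, or a parse failure on some other token in the same input — whereas the existing test directly above pins the exact `Parse Error: …` message. For a change whose purpose is to reject dereference and assignment syntax, the assertion that matters is that the parser refused the offending token, so each case should match the message the parser actually emits, in the form `expect(function(){fromJson("{a:1, b:=1, c:1}");}).toThrow(new Error("<actual parser message for this input>"))`. As written the suite would also keep passing if a later refactor made `fromJson` throw for an unrelated reason while still accepting one of these constructs. The enclosing `describe` block starts outside the hunk.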