From ab61151e4bd70295d74bcdeecd40baad996e1080 Mon Sep 17 00:00:00 2001
From: arjunshibu <arjunshibu1999@gmail.com>
Date: Thu, 11 Feb 2021 13:52:00 +0530
Subject: [PATCH] Fixed Prototype Pollution Bug by ignoring dangerous keys

---
 src/index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/index.js b/src/index.js
index ff07626..1b490d7 100644
--- a/src/index.js
+++ b/src/index.js
@@ -4,7 +4,7 @@ function assign(target, source) {
 	for (let i in source) {
 		if (Array.isArray(target[i])) {
 			concat(target[i], source[i]);
-		} else if (typeof(target[i]) == "object") {
+		} else if (typeof(target[i]) == "object" && !/^__proto__|constructor|prototype$/.test(i)) {
 			assign(target[i], source[i]);
 		} else {
 			target[i] = source[i];