From 873acf8fab3eb41914920259e713e1916e3c4f38 Mon Sep 17 00:00:00 2001 From: Caitlin Potter Date: Thu, 3 Jul 2014 17:22:16 -0400 Subject: [PATCH] fix(parseKeyValue): ignore properties in prototype chain. Previously, properties (typically functions) in the prototype chain (Object.prototype) would shadow query parameters, and cause them to be serialized incorrectly. This CL guards against this by using hasOwnProperty() to ensure that only own properties are a concern. Closes #8070 Fixes #8068 --- src/Angular.js | 2 +- test/AngularSpec.js | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/Angular.js b/src/Angular.js index 6be628f1f..9cba518ae 100644 --- a/src/Angular.js +++ b/src/Angular.js @@ -1105,7 +1105,7 @@ function parseKeyValue(/**string*/keyValue) { key = tryDecodeURIComponent(key_value[0]); if ( isDefined(key) ) { var val = isDefined(key_value[1]) ? tryDecodeURIComponent(key_value[1]) : true; - if (!obj[key]) { + if (!hasOwnProperty.call(obj, key)) { obj[key] = val; } else if(isArray(obj[key])) { obj[key].push(val); diff --git a/test/AngularSpec.js b/test/AngularSpec.js index 2a266820e..cea8ad6d5 100644 --- a/test/AngularSpec.js +++ b/test/AngularSpec.js @@ -470,6 +470,13 @@ describe('angular', function() { expect(parseKeyValue('flag1&flag1=value&flag1=value2&flag1')). toEqual({flag1: [true,'value','value2',true]}); }); + + + it('should ignore properties higher in the prototype chain', function() { + expect(parseKeyValue('toString=123')).toEqual({ + 'toString': '123' + }); + }); }); describe('toKeyValue', function() {