Object.prototype pollution / interfering with Backbone
See original GitHub issueWhen aliasing preact & preact-compat into an existing React app (as part of a larger codebase) I’ve noticed it’s polluting the global Object prototype
And this is causing issues with some Backbone views we have in a separate part of the app
The $$typeof
is causing things to choke - is this desired behaviour?
This is with "preact": "^10.0.0-beta.1"
and "preact-compat": "^3.18.5"
Issue Analytics
- State:
- Created 4 years ago
- Comments:7 (4 by maintainers)
Top Results From Across the Web
Prototype Pollution in backbone-query-parameters | Snyk
Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects.
Read more >Prototype Pollution - s1r1us
Prototype pollution is an interesting vulnerability, either it is server-side or client-side. Based on the application logic, prototype pollution leads to ...
Read more >What Is Prototype Pollution? | Risks & Mitigation - Imperva
This vulnerability is called prototype pollution because it allows threat actors to inject values that overwrite or pollute the “prototype” of a base...
Read more >Prototype Pollution in backbone-query-parameters - Vulners
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in backbone-query-parameters 0.4.0 allows a malicious user to ...
Read more >The Complete Guide to Prototype Pollution Vulnerabilities
The animation shows the Objects with their Prototypes, then a new Prototype (Prototype_#4) is added on the _proto_ of another Object (Object_#3) ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
That’s exactly what it was. Just about to post. For me it was https://github.com/algolia/instantsearch.js
I added an alias from
preact-compat
topreact/compat
and everything is workingYou should use
preact/compat
when using preact v10. Could you check if this issue still happens when not usingpreact-compat
and replacing it withpreact/compat
?