Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Object.prototype pollution / interfering with Backbone

See original GitHub issue

When aliasing preact & preact-compat into an existing React app (as part of a larger codebase) I’ve noticed it’s polluting the global Object prototype

Screenshot 2019-05-29 at 11 46 28

And this is causing issues with some Backbone views we have in a separate part of the app

Screenshot 2019-05-29 at 11 19 31

The $$typeof is causing things to choke - is this desired behaviour?

This is with "preact": "^10.0.0-beta.1" and "preact-compat": "^3.18.5"

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:7 (4 by maintainers)

github_iconTop GitHub Comments

1reaction
cloakedninjascommented, May 29, 2019

That’s exactly what it was. Just about to post. For me it was https://github.com/algolia/instantsearch.js

I added an alias from preact-compat to preact/compat and everything is working

1reaction
JoviDeCroockcommented, May 29, 2019

You should use preact/compat when using preact v10. Could you check if this issue still happens when not using preact-compat and replacing it with preact/compat?

Read more comments on GitHub >

github_iconTop Results From Across the Web

Prototype Pollution in backbone-query-parameters | Snyk
Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects.
Read more >
Prototype Pollution - s1r1us
Prototype pollution is an interesting vulnerability, either it is server-side or client-side. Based on the application logic, prototype pollution leads to ...
Read more >
What Is Prototype Pollution? | Risks & Mitigation - Imperva
This vulnerability is called prototype pollution because it allows threat actors to inject values that overwrite or pollute the “prototype” of a base...
Read more >
Prototype Pollution in backbone-query-parameters - Vulners
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in backbone-query-parameters 0.4.0 allows a malicious user to ...
Read more >
The Complete Guide to Prototype Pollution Vulnerabilities
The animation shows the Objects with their Prototypes, then a new Prototype (Prototype_#4) is added on the _proto_ of another Object (Object_#3) ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

npm README field is blank

Next page

10.0.0-beta.1 componentWillUnmount does not fire when using Preact.render() with replaceNode