Mirroristas/gun
2
0
Fork 0
mirror of https://github.com/amark/gun.git synced 2025-03-30 15:08:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: correct destructuring of user object to enhance security in SEA

Browse Source
This commit is contained in:
x 2025-02-26 11:49:01 +07:00
parent af2fbf7ccd
commit 8f344d03b0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sea/index.js
View File

@ -140,7 +140,7 @@
// Localize some opt props, and delete the original refs to prevent possible attacks
const opt = (msg._.msg || {}).opt || {}
const authenticator = opt.authenticator || (user._).sea;
const authenticator = opt.authenticator || (user._ || {}).sea;
const upub = opt.authenticator ? (opt.pub || (user.is || {}).pub || pub) : (user.is || {}).pub;
const cert = opt.cert;
delete opt.authenticator; delete opt.pub;