Comparing version 4.1.1 to 4.1.2
@@ -366,4 +366,9 @@ 'use strict'; | ||
this._headers[this._pendingHeader.slice(0, sep).toLowerCase()] = this._pendingHeader.slice(sep + 1).trim(); | ||
const name = this._pendingHeader.slice(0, sep).toLowerCase(); | ||
if (name === '__proto__') { | ||
return this._abort(Boom.badRequest('Invalid header')); | ||
} | ||
this._headers[name] = this._pendingHeader.slice(sep + 1).trim(); | ||
this._pendingHeader = ''; | ||
}; |
{ | ||
"name": "@hapi/pez", | ||
"description": "Multipart parser", | ||
"version": "4.1.1", | ||
"version": "4.1.2", | ||
"repository": "git://github.com/hapijs/pez", | ||
@@ -15,3 +15,3 @@ "main": "lib/index.js", | ||
"@hapi/boom": "7.x.x", | ||
"@hapi/content": "4.x.x", | ||
"@hapi/content": "^4.1.1", | ||
"@hapi/hoek": "8.x.x", | ||
@@ -18,0 +18,0 @@ "@hapi/nigel": "3.x.x" |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
13004
268
Updated@hapi/content@^4.1.1