Comparing version 6.11.1 to 6.11.2
@@ -0,1 +1,5 @@ | ||
| ## **6.11.2** | ||
| - [Fix] `parse`: Fix parsing when the global Object prototype is frozen (#473) | ||
| - [Tests] add passing test cases with empty keys (#473) | ||
| ## **6.11.1** | ||
@@ -2,0 +6,0 @@ - [Fix] `stringify`: encode comma values more consistently (#463) |
@@ -52,3 +52,4 @@ 'use strict'; | ||
| var parseValues = function parseQueryStringValues(str, options) { | ||
| var obj = {}; | ||
| var obj = { __proto__: null }; | ||
| var cleanStr = options.ignoreQueryPrefix ? str.replace(/^\?/, '') : str; | ||
@@ -55,0 +56,0 @@ var limit = options.parameterLimit === Infinity ? undefined : options.parameterLimit; |
@@ -5,3 +5,3 @@ { | ||
| "homepage": "https://github.com/ljharb/qs", | ||
| "version": "6.11.1", | ||
| "version": "6.11.2", | ||
| "repository": { | ||
@@ -44,2 +44,4 @@ "type": "git", | ||
| "for-each": "^0.3.3", | ||
| "has-override-mistake": "^1.0.0", | ||
| "has-property-descriptors": "^1.0.0", | ||
| "has-symbols": "^1.0.3", | ||
@@ -49,2 +51,3 @@ "iconv-lite": "^0.5.1", | ||
| "mkdirp": "^0.5.5", | ||
| "mock-property": "^1.0.0", | ||
| "npmignore": "^0.3.0", | ||
@@ -51,0 +54,0 @@ "nyc": "^10.3.2", |
| 'use strict'; | ||
| var test = require('tape'); | ||
| var qs = require('../'); | ||
| var utils = require('../lib/utils'); | ||
| var hasPropertyDescriptors = require('has-property-descriptors')(); | ||
| var iconv = require('iconv-lite'); | ||
| var mockProperty = require('mock-property'); | ||
| var hasOverrideMistake = require('has-override-mistake')(); | ||
| var SaferBuffer = require('safer-buffer').Buffer; | ||
| var emptyTestCases = require('./empty-keys-cases').emptyTestCases; | ||
| var qs = require('../'); | ||
| var utils = require('../lib/utils'); | ||
| test('parse()', function (t) { | ||
@@ -604,2 +609,30 @@ t.test('parses a simple string', function (st) { | ||
| t.test('does not crash when the global Object prototype is frozen', { skip: !hasPropertyDescriptors || !hasOverrideMistake }, function (st) { | ||
| // We can't actually freeze the global Object prototype as that will interfere with other tests, and once an object is frozen, it | ||
| // can't be unfrozen. Instead, we add a new non-writable property to simulate this. | ||
| st.teardown(mockProperty(Object.prototype, 'frozenProp', { value: 'foo', nonWritable: true, nonEnumerable: true })); | ||
| st['throws']( | ||
| function () { | ||
| var obj = {}; | ||
| obj.frozenProp = 'bar'; | ||
| }, | ||
| // node < 6 has a different error message | ||
| /^TypeError: Cannot assign to read only property 'frozenProp' of (?:object '#<Object>'|#<Object>)/, | ||
| 'regular assignment of an inherited non-writable property throws' | ||
| ); | ||
| var parsed; | ||
| st.doesNotThrow( | ||
| function () { | ||
| parsed = qs.parse('frozenProp', { allowPrototypes: false }); | ||
| }, | ||
| 'parsing a nonwritable Object.prototype property does not throw' | ||
| ); | ||
| st.deepEqual(parsed, {}, 'bare "frozenProp" results in {}'); | ||
| st.end(); | ||
| }); | ||
| t.test('params starting with a closing bracket', function (st) { | ||
@@ -857,1 +890,11 @@ st.deepEqual(qs.parse(']=toString'), { ']': 'toString' }); | ||
| }); | ||
| test('parses empty keys', function (t) { | ||
| emptyTestCases.forEach(function (testCase) { | ||
| t.test('skips empty string key with ' + testCase.input, function (st) { | ||
| st.deepEqual(qs.parse(testCase.input), testCase.noEmptyKeys); | ||
| st.end(); | ||
| }); | ||
| }); | ||
| }); |
@@ -9,2 +9,3 @@ 'use strict'; | ||
| var hasSymbols = require('has-symbols'); | ||
| var emptyTestCases = require('./empty-keys-cases').emptyTestCases; | ||
| var hasBigInt = typeof BigInt === 'function'; | ||
@@ -956,1 +957,18 @@ | ||
| }); | ||
| test('stringifies empty keys', function (t) { | ||
| emptyTestCases.forEach(function (testCase) { | ||
| t.test('stringifies an object with empty string key with ' + testCase.input, function (st) { | ||
| st.deepEqual(qs.stringify(testCase.withEmptyKeys, { encode: false }), testCase.stringifyOutput); | ||
| st.end(); | ||
| }); | ||
| }); | ||
| t.test('edge case with object/arrays', function (st) { | ||
| st.deepEqual(qs.stringify({ '': { '': [2, 3] } }, { encode: false }), '[][0]=2&[][1]=3'); | ||
| st.deepEqual(qs.stringify({ '': { '': [2, 3], a: 2 } }, { encode: false }), '[][0]=2&[][1]=3&[a]=2'); | ||
| st.end(); | ||
| }); | ||
| }); |
Sorry, the diff of this file is too big to display
No alert changes
Improved metrics
- Total package byte prevSize
- increased by2.82%
241132
- Number of package files
- increased by5.88%
18
- Lines of code
- increased by2.32%
4285
Worsened metrics
- Dev dependency count
- increased by16.67%
21
No dependency changes