Problem
\callComponent()\ in
ender-ir.ts\ assigns props to class component instances without filtering dangerous prototype keys (_proto_, \constructor, \prototype).
\\ s
// render-ir.ts:290-291
for (const [key, value] of Object.entries(props)) {
(instance as Record<string,unknown>)[key] = value;
}
\\
SSR path (
ender-dsd.ts\ via \injectProps()) already has \DANGEROUS_KEYS.has(key)\ guard. IR path is missing it.
Impact
Low: _proto_\ on an instance only changes that instance's chain, not global. Render path has try/catch. Attack surface is narrow (requires control of JSX prop names, not values).
Fix
Add \DANGEROUS_KEYS\ import and guard in \callComponent():
\\ s
import { trustRenderHtml, DANGEROUS_KEYS } from './security.ts';
\
\\ s
for (const [key, value] of Object.entries(props)) {
if (DANGEROUS_KEYS.has(key)) continue;
(instance as Record<string, unknown>)[key] = value;
}
\\
Problem
\callComponent()\ in
ender-ir.ts\ assigns props to class component instances without filtering dangerous prototype keys (_proto_, \constructor, \prototype).
\\ s
// render-ir.ts:290-291
for (const [key, value] of Object.entries(props)) {
(instance as Record<string,unknown>)[key] = value;
}
\\
SSR path (
ender-dsd.ts\ via \injectProps()) already has \DANGEROUS_KEYS.has(key)\ guard. IR path is missing it.
Impact
Low: _proto_\ on an instance only changes that instance's chain, not global. Render path has try/catch. Attack surface is narrow (requires control of JSX prop names, not values).
Fix
Add \DANGEROUS_KEYS\ import and guard in \callComponent():
\\ s
import { trustRenderHtml, DANGEROUS_KEYS } from './security.ts';
\
\\ s
for (const [key, value] of Object.entries(props)) {
if (DANGEROUS_KEYS.has(key)) continue;
(instance as Record<string, unknown>)[key] = value;
}
\\