Novel Planetary Movement

    freeze-prototypes

    0.1.2 • Public • Published

    freeze-prototypes

    Freezes common prototypes like Array.prototype to avoid any library messing with them

    Read Unapply attack

    NPM info

    Build status

    Use

    Include after main trusted libraries are loaded, maybe before your own app code, but before untrusted 3rd party code

    <script src="//cdn/jquery.js"></script>
    <script src="//cdn/angular.js"></script>
    <script src="dist/freeze-prototypes.js"></script>
    <script src="<your app code>"></script> 
    <script src="<untrusted 3rd party code>"></script> 

    Old browsers

    If you run in an old browser that does NOT have Object.freeze, then it is

    • insecure browser
    • can be worked around to avoid crashing inside freeze-prototypes
    <script>
    // fake version to let freeze-prototypes to pass
    Object.freeze = function nothing() {};
    </script> 
    <script src="dist/freeze-prototypes.js"></script>

    Small print

    Author: Gleb Bahmutov © 2015

    License: MIT - do anything with the code, but don't blame me if it does not work.

    Spread the word: tweet, star on github, etc.

    Support: if you find any problems with this module, email / tweet / open issue on Github

    Install

    npm i freeze-prototypes

    DownloadsWeekly Downloads

    5

    Version

    0.1.2

    License

    MIT

    Last publish

    Collaborators

    • bahmutov