Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
// WORK IN PROGRESS...
const safeGet = (obj, key) => {
if (obj[key] == null) obj[key];
if (typeof obj[key] === 'function') {
throw new Error('Cannot safely get '+key+' since it a function. Use square bracket syntax to directly access instead.');
}
if (Object.prototype.hasOwnProperty.call(obj, key)) {
return obj[key];
} else {
// This console log could be rather buggy:
// console.debug('object', obj, 'has no key', key);
return undefined;
}
};
const safeSet = (obj, key, val) => {
if (typeof val === 'function') {
throw new Error('Cannot safely set '+key+' - supplied value is a function. Set directly via square bracket syntax.');
}
// propertyBlacklist (could be some sort of const declared at top)
if (key === 'constructor' || key === 'innerHTML' || key === 'src') {
throw new Error('Cannot safely set '+key+' - can lead to remote code execution');
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.