mudhorn/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2025-01-11 04:47:29 -08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

🐛 Improve expression security

Browse source
This commit is contained in:
Jan Oberhauser 2021-12-03 15:08:38 +01:00
parent 833c0e4972
commit 2081aedc81
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
packages/workflow/src/Expression.ts
View file

@ -114,11 +114,11 @@ export class Expression {
// @ts-ignore
data.document = {};
// @ts-ignore
data.constructor = {};
// Execute the expression
try {
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
// tmpl.tmpl('{{this.Promise=global.Promise;global=this;}}', data);
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
const returnValue = tmpl.tmpl(parameterValue, data);
if (typeof returnValue === 'function') {