From 7a37f73eaed32e88123dfcc48847f42b1cfcf193 Mon Sep 17 00:00:00 2001 From: Jan Oberhauser Date: Sun, 14 Nov 2021 00:11:50 +0100 Subject: [PATCH] :bug: Improve expression security --- packages/workflow/src/Expression.ts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packages/workflow/src/Expression.ts b/packages/workflow/src/Expression.ts index 2b65ef03b8..b7fd4d0138 100644 --- a/packages/workflow/src/Expression.ts +++ b/packages/workflow/src/Expression.ts @@ -112,6 +112,9 @@ export class Expression { versions: process.versions, }; + // @ts-ignore + data.document = {}; + // Execute the expression try { // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call