Skip to main content

Object Injection

Object Injection Attack

  • __proto__.XX.
  • constructor.
  • hasOwnProperty.

Insecure Object Comparison

Injection:

const token = req.cookie.token

// Vulnerability:
// SESSIONS[constructor] => `true`
if (token && SESSIONS[token])
  next()

Solutions:

  • crypto.timingSafeEqual.
  • object.hasOwnProperty(token).