From 22a6819f7b81b654fbb1632f425b42411f94cc98 Mon Sep 17 00:00:00 2001
From: B0zal <me@btz.pm>
Date: Fri, 25 Aug 2023 18:48:38 +0700
Subject: [PATCH] Security Update

[+] Protect Prototype
---
 app/utils/merge.ts | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/app/utils/merge.ts b/app/utils/merge.ts
index 758d6df8..fd7a4da9 100644
--- a/app/utils/merge.ts
+++ b/app/utils/merge.ts
@@ -1,9 +1,13 @@
 export function merge(target: any, source: any) {
   Object.keys(source).forEach(function (key) {
-    if (source[key] && typeof source[key] === "object") {
+    if (
+      source.hasOwnProperty(key) && // Check if the property is not inherited
+      source[key] &&
+      typeof source[key] === "object" || key === "__proto__" || key === "constructor"
+    ) {
       merge((target[key] = target[key] || {}), source[key]);
       return;
     }
     target[key] = source[key];
   });
-}
+} 
\ No newline at end of file