fix Unsafe JavaScript Equality Checking #2183

Merged
merged 1 commit into from
May 24, 2023
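--- a/src/auth/auth-api-request.ts
+++ b/src/auth/auth-api-request.ts
@@ -1603,7 +1603,7 @@ export abstract class AbstractAuthRequestHandler {
 * @param email - The email of the user the link is being sent to.
 * @param actionCodeSettings - The optional action code setings which defines whether
 * the link is to be handled by a mobile app and the additional state information to be passed in the
-* deep link, etc. Required when requestType == 'EMAIL_SIGNIN'
+* deep link, etc. Required when requestType === 'EMAIL_SIGNIN'
 * @param newEmail - The email address the account is being updated to.
 * Required only for VERIFY_AND_CHANGE_EMAIL requests.
 * @returns A promise that resolves with the email action link.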
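--- a/src/auth/auth-config.ts
+++ b/src/auth/auth-config.ts
@@ -1517,7 +1517,7 @@ export class OIDCConfig implements OIDCAuthProviderConfig {
 const allKeys = Object.keys(options.responseType).length;
 const enabledCount = Object.values(options.responseType).filter(Boolean).length;
 // Only one of OAuth response types can be set to true.
-if (allKeys > 1 && enabledCount != 1) {
+if (allKeys > 1 && enabledCount !== 1) {
 throw new FirebaseAuthError(
 AuthClientErrorCode.INVALID_OAUTH_RESPONSETYPE,
 'Only exactly one OAuth responseType should be set to true.',
@@ -1872,7 +1872,7 @@ export class RecaptchaAuthConfig implements RecaptchaConfig {
 });
 }
 
-if (typeof options.useAccountDefender != 'undefined') {
+if (typeof options.useAccountDefender !== 'undefined') {
 if (!validator.isBoolean(options.useAccountDefender)) {
 throw new FirebaseAuthError(
 AuthClientErrorCode.INVALID_CONFIG,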
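--- a/src/auth/tenant.ts
+++ b/src/auth/tenant.ts
@@ -287,7 +287,7 @@ export class Tenant {
 MultiFactorAuthConfig.buildServerRequest(request.multiFactorConfig);
 }
 // Validate SMS Regions Config if provided.
-if (typeof request.smsRegionConfig != 'undefined') {
+if (typeof request.smsRegionConfig !== 'undefined') {
 SmsRegionsAuthConfig.validate(request.smsRegionConfig);
 }
 // Validate reCAPTCHAConfig type if provided.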
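--- a/src/auth/token-verifier.ts
+++ b/src/auth/token-verifier.ts
@@ -466,7 +466,7 @@ export class FirebaseTokenVerifier {
 private safeDecode(jwtToken: string): Promise<DecodedToken> {
 return decodeJwt(jwtToken)
 .catch((err: JwtError) => {
-if (err.code == JwtErrorCode.INVALID_ARGUMENT) {
+if (err.code === JwtErrorCode.INVALID_ARGUMENT) {
 const verifyJwtTokenDocsMessage = ` See ${this.tokenInfo.url} ` +
 `for details on how to retrieve ${this.shortNameArticle} ${this.tokenInfo.shortName}.`;
 const errorMessage = `Decoding ${this.tokenInfo.jwtName} failed. Make sure you passed ` +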
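--- a/src/remote-config/remote-config-api-client-internal.ts
+++ b/src/remote-config/remote-config-api-client-internal.ts
@@ -110,7 +110,7 @@ export class RemoteConfigApiClient {
 public publishTemplate(template: RemoteConfigTemplate, options?: { force: boolean }): Promise<RemoteConfigTemplate> {
 template = this.validateInputRemoteConfigTemplate(template);
 let ifMatch: string = template.etag;
-if (options && options.force == true) {
+if (options && options.force === true) {
 // setting `If-Match: *` forces the Remote Config template to be updated
 // and circumvent the ETag, and the protection from that it provides.
 ifMatch = '*';
@@ -244,7 +244,7 @@ export class RemoteConfigApiClient {
 * @param {string} customEtag A custom etag to replace the etag fom the API response (Optional).
 */
 private toRemoteConfigTemplate(resp: HttpResponse, customEtag?: string): RemoteConfigTemplate {
-const etag = (typeof customEtag == 'undefined') ? resp.headers['etag'] : customEtag;
+const etag = (typeof customEtag === 'undefined') ? resp.headers['etag'] : customEtag;
 this.validateEtag(etag);
 return {
 conditions: resp.data.conditions,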
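Review bot: In `publishTemplate`, the switch to `options.force === true` is the only comparison in this file section that changes runtime behaviour. A non-boolean `force` such as `1` or `'1'` from an untyped JavaScript caller used to coerce to a forced publish under `== true`, and now silently falls back to the template's ETag. That is the safer direction, since `If-Match: *` gives up the ETag's protection against overwriting a concurrent update, but the caller gets no signal that the flag was ignored. Consider rejecting a non-boolean `force` with an argument error before this branch, or at least extending the existing comment with `// force must be the boolean true; any other value keeps the ETag check`. The body of `publishTemplate` continues outside the hunk, so any later validation of `options` is not visible here.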