From fc42d7ddbb8be233a74ce0783a5c373e4ac07191 Mon Sep 17 00:00:00 2001
From: Arturs Jansons <a.jansons@gmail.com>
Date: Thu, 29 Feb 2024 15:21:16 +0300
Subject: [PATCH] Isolate Cookie.prototype

Bellow, Cookie.prototype.toString where added, which rewrites Object.prototype.toString. Prototype pollution can be used here.
---
 index.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/index.js b/index.js
index 133e4d1..a86e6ee 100644
--- a/index.js
+++ b/index.js
@@ -80,6 +80,8 @@ function Cookies(request, response, options) {
   }
 }
 
+Cookie.prototype = Object.create(null); // To isolate prototype
+
 Cookies.prototype.get = function(name, opts) {
   var sigName = name + ".sig"
     , header, match, value, remote, data, index