如何从JSON对象中删除__proto__属性? [英] How to remove __proto__ property from a JSON object?
问题描述
我具有基于Node-Express的以下功能:
I have the following function based on Node-Express:
//function on server side
app.get('/loginCheck', loggedCheck, function(req, res) {
var data = {local: {}, facebook: {}};
data.id = req.user._id;
data.local.email = req.user.local.email;
data.local.fname = req.user.local.fname;
data.local.lname = req.user.local.lname ;
data.local.college = req.user.local.college ;
data.local.degree = req.user.local.degree ;
data.year = req.user.year ;
data.mobile = req.user.mobile ;
data.city = req.user.city ;
data.facebook.id = req.user.facebook.id ;
//res.json(data);
var x = {};
x.name = "someName"
res.json(x);
})
以下是发出ajax请求的客户端代码:
Following is the code on client side which makes an ajax requests:
//function on client side making an ajax request
$.get("/loginCheck",function(data,status){
console.log(data);
});
在服务器端的前一个代码中,req.user是由mongoose创建的mongodb对象.我想做的就是发送数据对象(具有req.user对象的某些选定属性),然后将该对象作为JSON发送作为响应.
In the former code on server side, req.user is a mongodb object created by mongoose. What I want to do is send the data object (which has some selected attributes of req.user object) and send the object as JSON as response.
变量x是自定义创建的变量.
The variable x is a custom created variable.
问题是:
当我向客户端发送data对象时,还会向该对象添加__proto__属性,而向客户端发送x时却不会出现该对象.
但是,我不想在客户端使用__proto__,因为从某些文章中,我发现__proto__存在安全问题.
The problem is:
When I send the data object to client, __proto__ attribute is also added with the object which is not happening when I am sending x to the client.
But, I don't want the __proto__ in the client side, because, from some articles, I found that there are security issues with __proto__.
我需要有关如何从data对象中删除__proto__的帮助.
I need help on how to remove __proto__ from the data object.
推荐答案
您无需删除它.不会造成任何麻烦/问题.
You don't need to remove that. It doesn't cause any trouble/problem.
您可以这样使用.
$.each(data, function(k, v) {
console.log(k, v);
});
这篇关于如何从JSON对象中删除__proto__属性?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
