svn commit: r885055 - /cxf/trunk/rt/javascript/src/main/resources/org/apache/cxf/javascript/cxf-utils.js

Fri, 27 Nov 2009 16:37:22 -0800 

Author: bimargulies
Date: Sat Nov 28 00:36:57 2009
New Revision: 885055

URL: http://svn.apache.org/viewvc?rev=885055&view=rev
Log:
protect against clever people who add extra properties to all arrays in 
Javascript.

Modified:
    
cxf/trunk/rt/javascript/src/main/resources/org/apache/cxf/javascript/cxf-utils.js

Modified: 
cxf/trunk/rt/javascript/src/main/resources/org/apache/cxf/javascript/cxf-utils.js
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/javascript/src/main/resources/org/apache/cxf/javascript/cxf-utils.js?rev=885055&r1=885054&r2=885055&view=diff
==============================================================================
--- 
cxf/trunk/rt/javascript/src/main/resources/org/apache/cxf/javascript/cxf-utils.js
 (original)
+++ 
cxf/trunk/rt/javascript/src/main/resources/org/apache/cxf/javascript/cxf-utils.js
 Sat Nov 28 00:36:57 2009
@@ -715,11 +715,14 @@
                this.req.setRequestHeader("Content-Type", 
"text/xml;charset=utf-8");
        }
 
-       if (headers) { // must be array indexed by header field.
-               for (var h in headers) {
-                       this.req.setRequestHeader(h, headers[h]);
-               }
-       }
+    if (headers) { // must be array indexed by header field.
+        // avoid extra properties on the headers.
+        for (var h in headers) {
+            if(headers.hasOwnProperty(h)) {
+                this.req.setRequestHeader(h, headers[h]);
+            }
+        }
+    }  
 
        this.req.setRequestHeader("SOAPAction", this.soapAction);
        this.req.setRequestHeader("MessageType", this.messageType);

Reply via email to