From b8ade14d89f43d4e2cb114d90d2137c11a3799de Mon Sep 17 00:00:00 2001
From: "Alexander V. Wolf" <alex.v.wolf@gmail.com>
Date: Sat, 28 Sep 2024 21:14:24 +0700
Subject: [PATCH] Fix code scanning alert no. 2: Prototype-polluting function

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 plugins/RemoteControl/webroot/js/require.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/plugins/RemoteControl/webroot/js/require.js b/plugins/RemoteControl/webroot/js/require.js
index 78490f91d525e..97a680a3231d3 100644
--- a/plugins/RemoteControl/webroot/js/require.js
+++ b/plugins/RemoteControl/webroot/js/require.js
@@ -109,6 +109,9 @@ var requirejs, require, define;
     function mixin(target, source, force, deepStringMixin) {
         if (source) {
             eachProp(source, function (value, prop) {
+                if (prop === '__proto__' || prop === 'constructor') {
+                    return;
+                }
                 if (force || !hasProp(target, prop)) {
                     if (deepStringMixin && typeof value === 'object' && value &&
                         !isArray(value) && !isFunction(value) &&