Problem accessing to a property declared with getter #1634
Comments
|
@deather I had similar issues when accessing Mongoose objects from my templates. In the latest release accessing prototype values has been disabled. See the release notes: |
|
@matthaywardwebdesign thanks for the information. I use handlebars through another dependency, I will warn the maintaner. Sorry for the false issue and thanks again. |
|
@deather I have just released 4.7.0 with options to re-enable prototype access. Please read the documentation here: https://handlebarsjs.com/api-reference/runtime-options.html#options-to-control-prototype-access Be careful when using it, as it may open up security leaks that were closed by 4.6.0. I have planned to publish details in due time, when we can sure that insecure versions of Handlebars have been updated. |
|
@matthaywardwebdesign how did you solve the problem with Mongoose and handlebars>4.6 ? Did you use @deather which dependency are you using? Please have a look at #1642 and add your comments there so we can collect those problems. |
|
@nknapp In this particular case I just called .toJSON before passing it into to the template which did the trick. The change was made to fix some security leaks so didn't want to necessarily open them up, nor whitelist every field! |
|
@nknapp Would the changes introduced in 4.6.0 be considered backwards-breaking? |
|
@justinTM it's not an easy yes-no question. The documentation never mentions the cases where 4.6 doesn't work anymore, so technically no. But it since some of the things that worked with 4.5.3 now don't work anymore, you could say yes. |
|
Understood, that makes sense; just learned about SEMVER yesterday, still learning :) Thanks |
Hi,
Since the version 4.6.0, I can't access to a class property in a template. It was working very well before, so I supposed it is a regression.
I create a jsfiddle with the use case.
Thanks for reading and your awesome work.
The text was updated successfully, but these errors were encountered: