Google engineers plot to mitigate prototype pollution

Google’s software engineers have proposed a solution to clamp down on prototype pollution, a JavaScript vulnerability that enables attackers to manipulate objects they do not control. The proposal, currently under review by technical working group TC39, seeks to create a boundary between JavaScript objects and their blueprints. The technology aims to eliminate pathways that allow attackers to transfer from the objects to the blueprints.