archive-gh-me/mathjs
1
0
Fork 0
mirror of https://github.com/josdejong/mathjs.git synced 2025-12-08 19:46:04 +00:00
Code Issues Projects Releases Wiki Activity
3,016 Commits 15 Branches 303 Tags
Commit Graph

280 Commits

Author SHA1 Message Date
jos
a60f3c8d9d Fixed a security issue where forbidden properties like constructor could be replaced by using unicode characters when creating an object 2017-11-18 20:11:48 +01:00
Max Bruckner
b2857392bd OperatorNode: Fix implicit multiplication 
Fixes implicit multiplication when parenthesis is 'auto' and operands
are ConstantNodes.

This is handled by detecting that case and printing parentheses for
ParenthesisNodes even though they normally wouldn't with parenthesis
set to 'auto'.
 2017-08-13 20:57:41 +02:00
Max Bruckner
1f4909c625 OperatorNode: switch-case in calculate..Parentheses 2017-08-13 19:26:37 +02:00
jos
967e65cceb Refactored usage of properties .isNode, .isSymbolNode, etc. into using functions like type.isNode(x) for security 2017-08-12 14:38:03 +02:00
jos
949261f92b Refactored usage of properties .isRange, .isIndex, .isResultSet, and .isHelp for their (safe) function equivalents 2017-08-12 13:31:09 +02:00
jos
e10dd5bce5 Refactored x && x.isBigNumber === true into type.isBigNumber(x) 2017-08-12 11:54:53 +02:00
jos
26e70a4acd Refactored x.isComplex === true into type.isComplex(x) 2017-08-12 11:32:40 +02:00
jos
a18f2068f3 Fixed toString of a parsed expression tree containing an immediately invoked function assignment not being wrapped in parenthesis 2017-08-12 11:03:19 +02:00
Jos de Jong
69f3e882d7 Merge pull request #888 from ThomasBrierley/prototyped-scopes 
Prototyped Scopes
 2017-07-05 22:01:29 +02:00
Thomas Brierley
955c72bebf Update isSafeProperty interface 2017-06-29 14:56:47 +01:00
jos
08695ef1c7 Use strict unequal in xor 2017-06-24 20:38:25 +02:00
jos
3545d9000e Fixed undefined Unit in SymbolNode 2017-06-24 15:14:01 +02:00
jos
af58fd2294 Decouple SymbolNode from Unit 2017-06-24 14:55:12 +02:00
jos
16b0d620a1 Removed redundant dependency on math 2017-06-24 13:43:21 +02:00
Nekomajin42
9678d1a067 Change escape-goat to native escape function 2017-06-06 12:06:58 +02:00
Nekomajin42
e7aa5b4ec9 fix the escaping errors 2017-06-01 16:02:20 +02:00
Nekomajin42
e18cca6153 Revert "Revert "Use escape goat"" 
This reverts commit f83c88237f02edf7595e375606c1a0eaaa6ce50c.
 2017-06-01 08:36:04 +02:00
Nekomajin42
f83c88237f Revert "Use escape goat" 
This reverts commit 51e1b601b64d0bb782590e95c7a74bbb7fb179ff.
 2017-06-01 08:35:47 +02:00
Nekomajin42
51e1b601b6 Use escape goat 2017-06-01 08:19:16 +02:00
Nekomajin42
7301b6fcf9 Implement toHTML() to Nodes 
toHTML() method to each Node, and update in the docs
 2017-05-21 15:47:43 +02:00
jos
f61bb6cf94 Fixed #856: function subset not returning non-primitive scalars from Arrays correctly 2017-05-16 21:41:03 +02:00
jos
27660d8c00 Some more security measures 2017-05-05 21:08:23 +02:00
jos
85ac1a0aa4 Some more security measures 2017-05-05 20:53:20 +02:00
jos
aef6203049 Use safe function arguments internally 2017-05-05 17:25:21 +02:00
jos
73b774a51b Use safe map, forEach, join 2017-05-05 12:32:21 +02:00
jos
19faeac16c Escape function names and properties 2017-04-24 21:36:00 +02:00
jos
c259c936ec Refactored compile into a factory function 2017-04-22 17:12:38 +02:00
jos
a7bd4cd833 Register _compile as separate functions 2017-04-22 16:49:22 +02:00
jos
b9c3b334e1 Refactored customs.js into a regular js file instead of factory 2017-04-22 13:04:29 +02:00
jos
fa06a452b9 Only return undefined in case of plain objects 2017-04-08 16:44:21 +02:00
jos
ee6efa3768 Only allow accessing/assigning properties on plain objects. Only allow calling known methods. 2017-04-08 15:32:10 +02:00
jos
25db18caec Fixed a security vulnerability 2017-04-03 20:43:52 +02:00
jos
1092489440 Some refactoring 2017-04-03 01:32:15 +02:00
jos
5c4b105c7e Fixed a security vulnerability in the expression parser 2017-04-03 01:29:13 +02:00
jos
fbe6e62faf Fixed more security vulnerabilities 2017-04-02 19:51:11 +02:00
jos
ebb3c9bd0e Fixed #821, #822: security vulnerabilities in the expression parser 2017-04-02 14:57:21 +02:00
jos
3c3517daa6 More security fixes + unit tests 2017-03-31 13:41:37 +02:00
jos
2f45600905 Fixed a security vulnerability in the expression parser allowing execution of arbitrary JavaScript 2017-03-31 10:18:14 +02:00
jos
1f1f7b72f9 Added semi colons 2017-02-06 20:09:50 +01:00
jos
4a98f6818b Performance optimization 2017-02-06 20:09:03 +01:00
jos
0396d9622d More clear method description 2017-02-05 13:55:49 +01:00
jos
f8370bdaf1 Fixed #790: Expression parser did not pass function arguments of enclosing functions via scope to functions having rawArgs = true 2017-02-05 13:50:06 +01:00
jos
db67f4cb84 Removed method Node.simplify() (use function simplify instead) 2017-01-22 13:42:19 +01:00
jos
5c5b83988e Updaed docs of Node.simplify 2017-01-21 20:35:20 +01:00
jos
71ae3ea076 Consistent API for both derivative and simplify (dropped transform) 2017-01-20 21:43:40 +01:00
jos
1583b455ca Merge branch 'develop' into algebraic_differentiation 2017-01-20 11:18:05 +01:00
jos
79993ceac7 Fixed #765: FunctionAssignmentNode.toString() returning a string incompatible with the function assignment syntax 2016-12-18 13:29:21 +01:00
jos
e0123c7355 Implemented a method cloneDeep for the expression Nodes. See #745. 2016-11-18 15:37:07 +01:00
Max Bruckner
ab6d9268f3 OperatorNode: Use map instead of foreach in many places 2016-11-14 18:51:21 +07:00
Max Bruckner
493bd7f6b0 OperatorNode: Support more than two operands in toTex/String 
Only for multiplication and addition though.
 2016-11-13 15:50:32 +07:00