From b484fe76265712728ccfccea7c1299cf23b62b2d Mon Sep 17 00:00:00 2001
From: Joffrey JAFFEUX
Date: Wed, 24 Apr 2019 13:28:38 +0200
Subject: [PATCH] SECURITY: jquery CVE-2019-11358
---
 vendor/assets/javascripts/jquery.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/vendor/assets/javascripts/jquery.js b/vendor/assets/javascripts/jquery.js
index 9b5206bcc6..fe7c3fc62e 100644
--- a/vendor/assets/javascripts/jquery.js
+++ b/vendor/assets/javascripts/jquery.js
@@ -261,8 +261,9 @@ jQuery.extend = jQuery.fn.extend = function() {
 src = target[ name ];
 copy = options[ name ];
+ // Prevent Object.prototype pollution
 // Prevent never-ending loop
- if ( target === copy ) {
+ if ( name === "__proto__" || target === copy ) {
 continue;
 }
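Review bot: The `__proto__` guard is hand-applied to a vendored copy of jQuery, and nothing in the hunk marks it as a local backport. The file will presumably still identify itself as the unpatched release, so version-based dependency scanners would keep reporting CVE-2019-11358, and re-vendoring the same release later would silently drop the fix. I would replace the new comment with `// Prevent Object.prototype pollution (local backport for CVE-2019-11358; drop when jQuery is upgraded)`. The diffstat lists only this one file, so no regression test accompanies the change. A small test would cover that: assert that after `jQuery.extend( true, {}, JSON.parse( '{"__proto__": {"polluted": true}}' ) )` the expression `( {} ).polluted` is still `undefined`. The body of `jQuery.extend` starts and ends outside the hunk, so the recursive merge path that follows the `continue` is not visible here.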