From cb42766a14f8123aa288b6e20f879141970fb84d Mon Sep 17 00:00:00 2001
From: Caitlin Potter <caitpotter88@gmail.com>
Date: Thu, 3 Jul 2014 17:22:16 -0400
Subject: [PATCH] fix(parseKeyValue): ignore properties in prototype chain.

Previously, properties (typically functions) in the prototype chain (Object.prototype) would shadow
query parameters, and cause them to be serialized incorrectly.

This CL guards against this by using hasOwnProperty() to ensure that only own properties are a concern.

Closes #8070
Fixes #8068
---
 src/Angular.js      | 2 +-
 test/AngularSpec.js | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/Angular.js b/src/Angular.js
index b84b156f..0ae2f528 100644
--- a/src/Angular.js
+++ b/src/Angular.js
@@ -1091,7 +1091,7 @@ function parseKeyValue(/**string*/keyValue) {
       key = tryDecodeURIComponent(key_value[0]);
       if ( isDefined(key) ) {
         var val = isDefined(key_value[1]) ? tryDecodeURIComponent(key_value[1]) : true;
-        if (!obj[key]) {
+        if (!hasOwnProperty.call(obj, key)) {
           obj[key] = val;
         } else if(isArray(obj[key])) {
           obj[key].push(val);
diff --git a/test/AngularSpec.js b/test/AngularSpec.js
index fea74f81..6a74c6c6 100644
--- a/test/AngularSpec.js
+++ b/test/AngularSpec.js
@@ -480,6 +480,13 @@ describe('angular', function() {
       expect(parseKeyValue('flag1&flag1=value&flag1=value2&flag1')).
       toEqual({flag1: [true,'value','value2',true]});
     });
+
+
+    it('should ignore properties higher in the prototype chain', function() {
+      expect(parseKeyValue('toString=123')).toEqual({
+        'toString': '123'
+      });
+    });
   });
 
   describe('toKeyValue', function() {