From 71a3013953bcd6087ffbf42b86ad8829ed23cab7 Mon Sep 17 00:00:00 2001 From: Mike Samuel Date: Fri, 22 Feb 2019 13:29:07 -0500 Subject: [PATCH] Adds `constructor` `constructor` is the only lowercase identifier that is `in` all JavaScript objects, and can be involved in obscure XSS so can be used to abuse code that uses JavaScript objects as lookup tables. ```js var empty = {}; if ('constuctor' in empty && empty['constructor']) { // runs } empty['constructor']['constructor']('alert(1)')(); // Parses and runs ``` --- blns.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/blns.txt b/blns.txt index 54d73bf..33ee1d4 100644 --- a/blns.txt +++ b/blns.txt @@ -18,6 +18,7 @@ FALSE None hasOwnProperty then +constructor \ \\
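Review bot: the new `constructor` entry, added after `then` in blns.txt, carries its rationale only in the commit message, and the example there misspells the key as `'constuctor'` in the `in` test, so that condition is false as written and the `// runs` comment does not hold. Please correct the spelling to `'constructor'` before this lands, so that anyone tracing the entry back through history finds an example that behaves as described. The placement next to `hasOwnProperty` and `then` looks right, since all three are property names that collide with plain objects used as lookup tables.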