When executing the code line window.location.search.substring(1) with the word 'substring(1)', an error related to Prototype_Pollution occurs. This error is caused by assigning external properties without proper validation, which can lead to object properties pollution and disrupt the normal behavior of the application. How can this code be fixed?
var QueryString = function () {
// An anonymous function that is executed immediately and
// the return value is assigned to QueryString!
var query_string = {};
const allowed = new Set([
'rqid',
'rowId',
'sid',
'RequestId',
'RequestTypeID',
'mode',
'id',
'requestIdList',
]);
var query = DOMPurify.sanitize(window.location.search.substring(1));
var vars = query.split("&");
for (var i = 0; i < vars.length; i++) {
var pair = vars[i].split("=");
// If first entry with this name
if (typeof query_string[pair[0]] === "undefined") {
if (allowed.has(pair[0])) {
query_string[pair[0]] = decodeURIComponent(pair[1]);
}
// If second entry with this name
} else if (typeof query_string[pair[0]] === "string") {
if (allowed.has(pair[0])) {
var arr = [query_string[pair[0]], decodeURIComponent(pair[1])];
query_string[pair[0]] = arr;
}
// If third or later entry with this name
} else {
if (allowed.has(pair[0])) {
query_string[pair[0]].push(decodeURIComponent(pair[1]));
}
}
}
return query_string;
}();