diff options
Diffstat (limited to 'app/scripts')
| -rw-r--r-- | app/scripts/background.js | 12 | ||||
| -rw-r--r-- | app/scripts/contentscript.js | 25 | ||||
| -rw-r--r-- | app/scripts/controllers/blacklist.js | 22 | ||||
| -rw-r--r-- | app/scripts/controllers/network/createInfuraClient.js | 10 | ||||
| -rw-r--r-- | app/scripts/controllers/network/createJsonRpcClient.js | 4 | ||||
| -rw-r--r-- | app/scripts/controllers/network/createLocalhostClient.js | 4 | ||||
| -rw-r--r-- | app/scripts/controllers/preferences.js | 43 | ||||
| -rw-r--r-- | app/scripts/controllers/transactions/index.js | 40 | ||||
| -rw-r--r-- | app/scripts/controllers/transactions/tx-state-manager.js | 5 | ||||
| -rw-r--r-- | app/scripts/inpage.js | 13 | ||||
| -rw-r--r-- | app/scripts/lib/ipfsContent.js | 2 | ||||
| -rw-r--r-- | app/scripts/lib/message-manager.js | 2 | ||||
| -rw-r--r-- | app/scripts/lib/personal-message-manager.js | 2 | ||||
| -rw-r--r-- | app/scripts/lib/setupFetchDebugging.js | 34 | ||||
| -rw-r--r-- | app/scripts/metamask-controller.js | 45 | ||||
| -rw-r--r-- | app/scripts/phishing-detect.js | 58 |
16 files changed, 275 insertions, 46 deletions
diff --git a/app/scripts/background.js b/app/scripts/background.js index ae450352e..509a0001d 100644 --- a/app/scripts/background.js +++ b/app/scripts/background.js @@ -2,6 +2,9 @@ * @file The entry point for the web extension singleton process. */ +// this needs to run before anything else +require('./lib/setupFetchDebugging')() + const urlUtil = require('url') const endOfStream = require('end-of-stream') const pump = require('pump') @@ -38,7 +41,6 @@ const { const firstTimeState = Object.assign({}, rawFirstTimeState, global.METAMASK_TEST_CONFIG) const STORAGE_KEY = 'metamask-config' -const METAMASK_DEBUG = process.env.METAMASK_DEBUG log.setDefaultLevel(process.env.METAMASK_DEBUG ? 'debug' : 'warn') @@ -462,11 +464,3 @@ function showWatchAssetUi () { } ) } - -// On first install, open a window to MetaMask website to how-it-works. -extension.runtime.onInstalled.addListener(function (details) { - if ((details.reason === 'install') && (!METAMASK_DEBUG)) { - extension.tabs.create({url: 'https://metamask.io/#how-it-works'}) - } -}) - diff --git a/app/scripts/contentscript.js b/app/scripts/contentscript.js index 2cbfb811e..33523eb46 100644 --- a/app/scripts/contentscript.js +++ b/app/scripts/contentscript.js @@ -1,6 +1,7 @@ const fs = require('fs') const path = require('path') const pump = require('pump') +const querystring = require('querystring') const LocalMessageDuplexStream = require('post-message-stream') const PongStream = require('ping-pong-stream/pong') const ObjectMultiplex = require('obj-multiplex') @@ -134,17 +135,22 @@ function doctypeCheck () { } /** - * Checks the current document extension + * Returns whether or not the extension (suffix) of the current document is prohibited * - * @returns {boolean} {@code true} if the current extension is not prohibited + * This checks {@code window.location.pathname} against a set of file extensions + * that should not have web3 injected into them. This check is indifferent of query parameters + * in the location. + * + * @returns {boolean} whether or not the extension of the current document is prohibited */ function suffixCheck () { - var prohibitedTypes = ['xml', 'pdf'] - var currentUrl = window.location.href - var currentRegex + const prohibitedTypes = [ + /\.xml$/, + /\.pdf$/, + ] + const currentUrl = window.location.pathname for (let i = 0; i < prohibitedTypes.length; i++) { - currentRegex = new RegExp(`\\.${prohibitedTypes[i]}$`) - if (currentRegex.test(currentUrl)) { + if (prohibitedTypes[i].test(currentUrl)) { return false } } @@ -199,5 +205,8 @@ function blacklistedDomainCheck () { function redirectToPhishingWarning () { console.log('MetaMask - routing to Phishing Warning component') const extensionURL = extension.runtime.getURL('phishing.html') - window.location.href = extensionURL + '#' + window.location.hostname + window.location.href = `${extensionURL}#${querystring.stringify({ + hostname: window.location.hostname, + href: window.location.href, + })}` } diff --git a/app/scripts/controllers/blacklist.js b/app/scripts/controllers/blacklist.js index 1d2191433..89c7cc888 100644 --- a/app/scripts/controllers/blacklist.js +++ b/app/scripts/controllers/blacklist.js @@ -29,6 +29,7 @@ class BlacklistController { constructor (opts = {}) { const initState = extend({ phishing: PHISHING_DETECTION_CONFIG, + whitelist: [], }, opts.initState) this.store = new ObservableStore(initState) // phishing detector @@ -39,6 +40,21 @@ class BlacklistController { } /** + * Adds the given hostname to the runtime whitelist + * @param {string} hostname the hostname to whitelist + */ + whitelistDomain (hostname) { + if (!hostname) { + return + } + + const { whitelist } = this.store.getState() + this.store.updateState({ + whitelist: [...new Set([hostname, ...whitelist])], + }) + } + + /** * Given a url, returns the result of checking if that url is in the store.phishing blacklist * * @param {string} hostname The hostname portion of a url; the one that will be checked against the white and @@ -48,6 +64,12 @@ class BlacklistController { */ checkForPhishing (hostname) { if (!hostname) return false + + const { whitelist } = this.store.getState() + if (whitelist.some((e) => e === hostname)) { + return false + } + const { result } = this._phishingDetector.check(hostname) return result } diff --git a/app/scripts/controllers/network/createInfuraClient.js b/app/scripts/controllers/network/createInfuraClient.js index 41af4d9f9..326bcb355 100644 --- a/app/scripts/controllers/network/createInfuraClient.js +++ b/app/scripts/controllers/network/createInfuraClient.js @@ -1,5 +1,6 @@ const mergeMiddleware = require('json-rpc-engine/src/mergeMiddleware') -const createBlockReEmitMiddleware = require('eth-json-rpc-middleware/block-reemit') +const createBlockReRefMiddleware = require('eth-json-rpc-middleware/block-ref') +const createRetryOnEmptyMiddleware = require('eth-json-rpc-middleware/retryOnEmpty') const createBlockCacheMiddleware = require('eth-json-rpc-middleware/block-cache') const createInflightMiddleware = require('eth-json-rpc-middleware/inflight-cache') const createBlockTrackerInspectorMiddleware = require('eth-json-rpc-middleware/block-tracker-inspector') @@ -11,13 +12,14 @@ module.exports = createInfuraClient function createInfuraClient ({ network }) { const infuraMiddleware = createInfuraMiddleware({ network }) - const blockProvider = providerFromMiddleware(infuraMiddleware) - const blockTracker = new BlockTracker({ provider: blockProvider }) + const infuraProvider = providerFromMiddleware(infuraMiddleware) + const blockTracker = new BlockTracker({ provider: infuraProvider }) const networkMiddleware = mergeMiddleware([ createBlockCacheMiddleware({ blockTracker }), createInflightMiddleware(), - createBlockReEmitMiddleware({ blockTracker, provider: blockProvider }), + createBlockReRefMiddleware({ blockTracker, provider: infuraProvider }), + createRetryOnEmptyMiddleware({ blockTracker, provider: infuraProvider }), createBlockTrackerInspectorMiddleware({ blockTracker }), infuraMiddleware, ]) diff --git a/app/scripts/controllers/network/createJsonRpcClient.js b/app/scripts/controllers/network/createJsonRpcClient.js index 40c353f7f..a8cbf2aaf 100644 --- a/app/scripts/controllers/network/createJsonRpcClient.js +++ b/app/scripts/controllers/network/createJsonRpcClient.js @@ -1,6 +1,6 @@ const mergeMiddleware = require('json-rpc-engine/src/mergeMiddleware') const createFetchMiddleware = require('eth-json-rpc-middleware/fetch') -const createBlockRefMiddleware = require('eth-json-rpc-middleware/block-ref') +const createBlockRefRewriteMiddleware = require('eth-json-rpc-middleware/block-ref-rewrite') const createBlockCacheMiddleware = require('eth-json-rpc-middleware/block-cache') const createInflightMiddleware = require('eth-json-rpc-middleware/inflight-cache') const createBlockTrackerInspectorMiddleware = require('eth-json-rpc-middleware/block-tracker-inspector') @@ -15,7 +15,7 @@ function createJsonRpcClient ({ rpcUrl }) { const blockTracker = new BlockTracker({ provider: blockProvider }) const networkMiddleware = mergeMiddleware([ - createBlockRefMiddleware({ blockTracker }), + createBlockRefRewriteMiddleware({ blockTracker }), createBlockCacheMiddleware({ blockTracker }), createInflightMiddleware(), createBlockTrackerInspectorMiddleware({ blockTracker }), diff --git a/app/scripts/controllers/network/createLocalhostClient.js b/app/scripts/controllers/network/createLocalhostClient.js index fecc512e8..09b1d3c1c 100644 --- a/app/scripts/controllers/network/createLocalhostClient.js +++ b/app/scripts/controllers/network/createLocalhostClient.js @@ -1,6 +1,6 @@ const mergeMiddleware = require('json-rpc-engine/src/mergeMiddleware') const createFetchMiddleware = require('eth-json-rpc-middleware/fetch') -const createBlockRefMiddleware = require('eth-json-rpc-middleware/block-ref') +const createBlockRefRewriteMiddleware = require('eth-json-rpc-middleware/block-ref-rewrite') const createBlockTrackerInspectorMiddleware = require('eth-json-rpc-middleware/block-tracker-inspector') const providerFromMiddleware = require('eth-json-rpc-middleware/providerFromMiddleware') const BlockTracker = require('eth-block-tracker') @@ -13,7 +13,7 @@ function createLocalhostClient () { const blockTracker = new BlockTracker({ provider: blockProvider, pollingInterval: 1000 }) const networkMiddleware = mergeMiddleware([ - createBlockRefMiddleware({ blockTracker }), + createBlockRefRewriteMiddleware({ blockTracker }), createBlockTrackerInspectorMiddleware({ blockTracker }), fetchMiddleware, ]) diff --git a/app/scripts/controllers/preferences.js b/app/scripts/controllers/preferences.js index 928ebdf1f..8eb2bce0c 100644 --- a/app/scripts/controllers/preferences.js +++ b/app/scripts/controllers/preferences.js @@ -38,6 +38,9 @@ class PreferencesController { lostIdentities: {}, seedWords: null, forgottenPassword: false, + preferences: { + useETHAsPrimaryCurrency: true, + }, }, opts.initState) this.diagnostics = opts.diagnostics @@ -375,11 +378,12 @@ class PreferencesController { * Gets an updated rpc list from this.addToFrequentRpcList() and sets the `frequentRpcList` to this update list. * * @param {string} _url The the new rpc url to add to the updated list + * @param {bool} remove Remove selected url * @returns {Promise<void>} Promise resolves with undefined * */ - updateFrequentRpcList (_url) { - return this.addToFrequentRpcList(_url) + updateFrequentRpcList (_url, remove = false) { + return this.addToFrequentRpcList(_url, remove) .then((rpcList) => { this.store.updateState({ frequentRpcList: rpcList }) return Promise.resolve() @@ -406,21 +410,19 @@ class PreferencesController { * end of the list. The current list is modified and returned as a promise. * * @param {string} _url The rpc url to add to the frequentRpcList. + * @param {bool} remove Remove selected url * @returns {Promise<array>} The updated frequentRpcList. * */ - addToFrequentRpcList (_url) { + addToFrequentRpcList (_url, remove = false) { const rpcList = this.getFrequentRpcList() const index = rpcList.findIndex((element) => { return element === _url }) if (index !== -1) { rpcList.splice(index, 1) } - if (_url !== 'http://localhost:8545') { + if (!remove && _url !== 'http://localhost:8545') { rpcList.push(_url) } - if (rpcList.length > 3) { - rpcList.shift() - } return Promise.resolve(rpcList) } @@ -464,6 +466,33 @@ class PreferencesController { getFeatureFlags () { return this.store.getState().featureFlags } + + /** + * Updates the `preferences` property, which is an object. These are user-controlled features + * found in the settings page. + * @param {string} preference The preference to enable or disable. + * @param {boolean} value Indicates whether or not the preference should be enabled or disabled. + * @returns {Promise<object>} Promises a new object; the updated preferences object. + */ + setPreference (preference, value) { + const currentPreferences = this.getPreferences() + const updatedPreferences = { + ...currentPreferences, + [preference]: value, + } + + this.store.updateState({ preferences: updatedPreferences }) + return Promise.resolve(updatedPreferences) + } + + /** + * A getter for the `preferences` property + * @returns {object} A key-boolean map of user-selected preferences. + */ + getPreferences () { + return this.store.getState().preferences + } + // // PRIVATE METHODS // diff --git a/app/scripts/controllers/transactions/index.js b/app/scripts/controllers/transactions/index.js index e2965ceb6..9f2290924 100644 --- a/app/scripts/controllers/transactions/index.js +++ b/app/scripts/controllers/transactions/index.js @@ -166,6 +166,10 @@ class TransactionController extends EventEmitter { async addUnapprovedTransaction (txParams) { // validate const normalizedTxParams = txUtils.normalizeTxParams(txParams) + // Assert the from address is the selected address + if (normalizedTxParams.from !== this.getSelectedAddress()) { + throw new Error(`Transaction from address isn't valid for this account`) + } txUtils.validateTxParams(normalizedTxParams) // construct txMeta let txMeta = this.txStateManager.generateTxMeta({ @@ -362,7 +366,40 @@ class TransactionController extends EventEmitter { this.txStateManager.setTxStatusSubmitted(txId) } - confirmTransaction (txId) { + /** + * Sets the status of the transaction to confirmed and sets the status of nonce duplicates as + * dropped if the txParams have data it will fetch the txReceipt + * @param {number} txId - The tx's ID + * @returns {Promise<void>} + */ + async confirmTransaction (txId) { + // get the txReceipt before marking the transaction confirmed + // to ensure the receipt is gotten before the ui revives the tx + const txMeta = this.txStateManager.getTx(txId) + + if (!txMeta) { + return + } + + try { + const txReceipt = await this.query.getTransactionReceipt(txMeta.hash) + + // It seems that sometimes the numerical values being returned from + // this.query.getTransactionReceipt are BN instances and not strings. + const gasUsed = typeof txReceipt.gasUsed !== 'string' + ? txReceipt.gasUsed.toString(16) + : txReceipt.gasUsed + + txMeta.txReceipt = { + ...txReceipt, + gasUsed, + } + + this.txStateManager.updateTx(txMeta, 'transactions#confirmTransaction - add txReceipt') + } catch (err) { + log.error(err) + } + this.txStateManager.setTxStatusConfirmed(txId) this._markNonceDuplicatesDropped(txId) } @@ -530,6 +567,7 @@ class TransactionController extends EventEmitter { Updates the memStore in transaction controller */ _updateMemstore () { + this.pendingTxTracker.updatePendingTxs() const unapprovedTxs = this.txStateManager.getUnapprovedTxList() const selectedAddressTxList = this.txStateManager.getFilteredTxList({ from: this.getSelectedAddress(), diff --git a/app/scripts/controllers/transactions/tx-state-manager.js b/app/scripts/controllers/transactions/tx-state-manager.js index daa6cc388..58c48e34e 100644 --- a/app/scripts/controllers/transactions/tx-state-manager.js +++ b/app/scripts/controllers/transactions/tx-state-manager.js @@ -400,6 +400,11 @@ class TransactionStateManager extends EventEmitter { */ _setTxStatus (txId, status) { const txMeta = this.getTx(txId) + + if (!txMeta) { + return + } + txMeta.status = status setTimeout(() => { try { diff --git a/app/scripts/inpage.js b/app/scripts/inpage.js index d924be516..431702d63 100644 --- a/app/scripts/inpage.js +++ b/app/scripts/inpage.js @@ -5,6 +5,7 @@ const log = require('loglevel') const LocalMessageDuplexStream = require('post-message-stream') const setupDappAutoReload = require('./lib/auto-reload.js') const MetamaskInpageProvider = require('metamask-inpage-provider') + restoreContextAfterImports() log.setDefaultLevel(process.env.METAMASK_DEBUG ? 'debug' : 'warn') @@ -44,7 +45,15 @@ inpageProvider.enable = function (options = {}) { }) } -window.ethereum = inpageProvider +// Work around for web3@1.0 deleting the bound `sendAsync` but not the unbound +// `sendAsync` method on the prototype, causing `this` reference issues with drizzle +const proxiedInpageProvider = new Proxy(inpageProvider, { + // straight up lie that we deleted the property so that it doesnt + // throw an error in strict mode + deleteProperty: () => true, +}) + +window.ethereum = proxiedInpageProvider // // setup web3 @@ -58,7 +67,7 @@ if (typeof window.web3 !== 'undefined') { and try again.`) } -var web3 = new Web3(inpageProvider) +var web3 = new Web3(proxiedInpageProvider) web3.setProvider = function () { log.debug('MetaMask - overrode web3.setProvider') } diff --git a/app/scripts/lib/ipfsContent.js b/app/scripts/lib/ipfsContent.js index 62a808b90..8b08453c4 100644 --- a/app/scripts/lib/ipfsContent.js +++ b/app/scripts/lib/ipfsContent.js @@ -36,7 +36,7 @@ module.exports = function (provider) { return { cancel: true } } - extension.webRequest.onErrorOccurred.addListener(ipfsContent, {urls: ['*://*.eth/']}) + extension.webRequest.onErrorOccurred.addListener(ipfsContent, {urls: ['*://*.eth/'], types: ['main_frame']}) return { remove () { diff --git a/app/scripts/lib/message-manager.js b/app/scripts/lib/message-manager.js index 47925b94b..e86629590 100644 --- a/app/scripts/lib/message-manager.js +++ b/app/scripts/lib/message-manager.js @@ -272,6 +272,6 @@ function normalizeMsgData (data) { return data } else { // data is unicode, convert to hex - return ethUtil.bufferToHex(new Buffer(data, 'utf8')) + return ethUtil.bufferToHex(Buffer.from(data, 'utf8')) } } diff --git a/app/scripts/lib/personal-message-manager.js b/app/scripts/lib/personal-message-manager.js index fc2cccdf1..fdb94f5ec 100644 --- a/app/scripts/lib/personal-message-manager.js +++ b/app/scripts/lib/personal-message-manager.js @@ -285,7 +285,7 @@ module.exports = class PersonalMessageManager extends EventEmitter { log.debug(`Message was not hex encoded, interpreting as utf8.`) } - return ethUtil.bufferToHex(new Buffer(data, 'utf8')) + return ethUtil.bufferToHex(Buffer.from(data, 'utf8')) } } diff --git a/app/scripts/lib/setupFetchDebugging.js b/app/scripts/lib/setupFetchDebugging.js new file mode 100644 index 000000000..dd87b65a6 --- /dev/null +++ b/app/scripts/lib/setupFetchDebugging.js @@ -0,0 +1,34 @@ +module.exports = setupFetchDebugging + +// +// This is a utility to help resolve cases where `window.fetch` throws a +// `TypeError: Failed to Fetch` without any stack or context for the request +// https://github.com/getsentry/sentry-javascript/pull/1293 +// + +function setupFetchDebugging() { + if (!global.fetch) return + const originalFetch = global.fetch + + global.fetch = wrappedFetch + + async function wrappedFetch(...args) { + const initialStack = getCurrentStack() + try { + return await originalFetch.call(window, ...args) + } catch (err) { + console.warn('FetchDebugger - fetch encountered an Error', err) + console.warn('FetchDebugger - overriding stack to point of original call') + err.stack = initialStack + throw err + } + } +} + +function getCurrentStack() { + try { + throw new Error('Fake error for generating stack trace') + } catch (err) { + return err.stack + } +} diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index 4cf7567d4..32ceb6790 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -15,6 +15,7 @@ const RpcEngine = require('json-rpc-engine') const debounce = require('debounce') const createEngineStream = require('json-rpc-middleware-stream/engineStream') const createFilterMiddleware = require('eth-json-rpc-filters') +const createSubscriptionManager = require('eth-json-rpc-filters/subscriptionManager') const createOriginMiddleware = require('./lib/createOriginMiddleware') const createLoggerMiddleware = require('./lib/createLoggerMiddleware') const createProviderMiddleware = require('./lib/createProviderMiddleware') @@ -382,6 +383,7 @@ module.exports = class MetamaskController extends EventEmitter { // network management setProviderType: nodeify(networkController.setProviderType, networkController), setCustomRpc: nodeify(this.setCustomRpc, this), + delCustomRpc: nodeify(this.delCustomRpc, this), // PreferencesController setSelectedAddress: nodeify(preferencesController.setSelectedAddress, preferencesController), @@ -391,6 +393,10 @@ module.exports = class MetamaskController extends EventEmitter { setCurrentAccountTab: nodeify(preferencesController.setCurrentAccountTab, preferencesController), setAccountLabel: nodeify(preferencesController.setAccountLabel, preferencesController), setFeatureFlag: nodeify(preferencesController.setFeatureFlag, preferencesController), + setPreference: nodeify(preferencesController.setPreference, preferencesController), + + // BlacklistController + whitelistPhishingDomain: this.whitelistPhishingDomain.bind(this), // AddressController setAddressBook: nodeify(addressBookController.setAddressBook, addressBookController), @@ -557,6 +563,8 @@ module.exports = class MetamaskController extends EventEmitter { } await this.preferencesController.syncAddresses(accounts) + await this.balancesController.updateAllBalances() + await this.txController.pendingTxTracker.updatePendingTxs() return this.keyringController.fullUpdate() } @@ -1248,24 +1256,33 @@ module.exports = class MetamaskController extends EventEmitter { setupProviderConnection (outStream, origin) { // setup json rpc engine stack const engine = new RpcEngine() + const provider = this.provider + const blockTracker = this.blockTracker // create filter polyfill middleware - const filterMiddleware = createFilterMiddleware({ - provider: this.provider, - blockTracker: this.blockTracker, - }) + const filterMiddleware = createFilterMiddleware({ provider, blockTracker }) + // create subscription polyfill middleware + const subscriptionManager = createSubscriptionManager({ provider, blockTracker }) + subscriptionManager.events.on('notification', (message) => engine.emit('notification', message)) + // metadata engine.push(createOriginMiddleware({ origin })) engine.push(createLoggerMiddleware({ origin })) + // filter and subscription polyfills engine.push(filterMiddleware) + engine.push(subscriptionManager.middleware) + // watch asset engine.push(this.preferencesController.requestWatchAsset.bind(this.preferencesController)) + // sign typed data middleware engine.push(this.createTypedDataMiddleware('eth_signTypedData', 'V1').bind(this)) engine.push(this.createTypedDataMiddleware('eth_signTypedData_v1', 'V1').bind(this)) engine.push(this.createTypedDataMiddleware('eth_signTypedData_v3', 'V3', true).bind(this)) - engine.push(createProviderMiddleware({ provider: this.provider })) + // forward to metamask primary provider + engine.push(createProviderMiddleware({ provider })) // setup connection const providerStream = createEngineStream({ engine }) + pump( outStream, providerStream, @@ -1365,7 +1382,7 @@ module.exports = class MetamaskController extends EventEmitter { }) .map(number => number.div(GWEI_BN).toNumber()) - const percentileNum = percentile(50, lowestPrices) + const percentileNum = percentile(65, lowestPrices) const percentileNumBn = new BN(percentileNum) return '0x' + percentileNumBn.mul(GWEI_BN).toString(16) } @@ -1446,6 +1463,14 @@ module.exports = class MetamaskController extends EventEmitter { } /** + * A method for deleting a selected custom URL. + * @param {string} rpcTarget - A RPC URL to delete. + */ + async delCustomRpc (rpcTarget) { + await this.preferencesController.updateFrequentRpcList(rpcTarget, true) + } + + /** * Sets whether or not to use the blockie identicon format. * @param {boolean} val - True for bockie, false for jazzicon. * @param {Function} cb - A callback function called when complete. @@ -1538,4 +1563,12 @@ module.exports = class MetamaskController extends EventEmitter { } } } + + /** + * Adds a domain to the {@link BlacklistController} whitelist + * @param {string} hostname the domain to whitelist + */ + whitelistPhishingDomain (hostname) { + return this.blacklistController.whitelistDomain(hostname) + } } diff --git a/app/scripts/phishing-detect.js b/app/scripts/phishing-detect.js index 4168b6618..0889c831e 100644 --- a/app/scripts/phishing-detect.js +++ b/app/scripts/phishing-detect.js @@ -1,5 +1,59 @@ -window.onload = function() { +window.onload = function () { if (window.location.pathname === '/phishing.html') { - document.getElementById('esdbLink').innerHTML = '<b>To read more about this scam, navigate to: <a href="https://etherscamdb.info/domain/' + window.location.hash.substring(1) + '"> https://etherscamdb.info/domain/' + window.location.hash.substring(1) + '</a></b>' + const {hostname} = parseHash() + document.getElementById('esdbLink').innerHTML = '<b>To read more about this scam, navigate to: <a href="https://etherscamdb.info/domain/' + hostname + '"> https://etherscamdb.info/domain/' + hostname + '</a></b>' } } + +const querystring = require('querystring') +const dnode = require('dnode') +const { EventEmitter } = require('events') +const PortStream = require('extension-port-stream') +const extension = require('extensionizer') +const setupMultiplex = require('./lib/stream-utils.js').setupMultiplex +const { getEnvironmentType } = require('./lib/util') +const ExtensionPlatform = require('./platforms/extension') + +document.addEventListener('DOMContentLoaded', start) + +function start () { + const windowType = getEnvironmentType(window.location.href) + + global.platform = new ExtensionPlatform() + global.METAMASK_UI_TYPE = windowType + + const extensionPort = extension.runtime.connect({ name: windowType }) + const connectionStream = new PortStream(extensionPort) + const mx = setupMultiplex(connectionStream) + setupControllerConnection(mx.createStream('controller'), (err, metaMaskController) => { + if (err) { + return + } + + const suspect = parseHash() + const unsafeContinue = () => { + window.location.href = suspect.href + } + const continueLink = document.getElementById('unsafe-continue') + continueLink.addEventListener('click', () => { + metaMaskController.whitelistPhishingDomain(suspect.hostname) + unsafeContinue() + }) + }) +} + +function setupControllerConnection (connectionStream, cb) { + const eventEmitter = new EventEmitter() + const accountManagerDnode = dnode({ + sendUpdate (state) { + eventEmitter.emit('update', state) + }, + }) + connectionStream.pipe(accountManagerDnode).pipe(connectionStream) + accountManagerDnode.once('remote', (accountManager) => cb(null, accountManager)) +} + +function parseHash () { + const hash = window.location.hash.substring(1) + return querystring.parse(hash) +} |