m/metamask-extension
1
0
Fork 0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-23 02:10:12 +01:00
Code
20e16d41be
metamask-extension/test/e2e/tests/phishing-controller/phishing-detection.spec.js

316 lines
11 KiB
JavaScript
Raw Normal View History

E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
const { strict: assert } = require('assert');
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
const { convertToHexValue, withFixtures, openDapp } = require('../../helpers');
const FixtureBuilder = require('../../fixture-builder');
const {
METAMASK_HOTLIST_DIFF_URL,
METAMASK_STALELIST_URL,
BlockProvider,
} = require('./helpers');
feature(16691): mv3 e2e test for phishing warning page when sw restarts (#19196) * feature(16691): mv3 e2e test for phishing warning page when sw restarts * feature(16691): code review feedback to remove console and extract helper
2023-05-19 12:17:53 +02:00
const {
setupPhishingDetectionMocks,
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
mockConfigLookupOnWarningPage,
} = require('./mocks');
E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
describe('Phishing Detection', function () {
E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
const ganacheOptions = {
accounts: [
{
secretKey:
'0x7C9529A67102755B7E6102D6D950AC5D5863C98713805CEC576B945B15B71EAC',
balance: convertToHexValue(25000000000000000000),
},
],
};
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
describe('Phishing Detection Mock', function () {
it('should be updated to use v1 of the API', function () {
// Update the fixture in phishing-controller/mocks.js if this test fails
assert.equal(
METAMASK_STALELIST_URL,
'https://phishing-detection.metafi.codefi.network/v1/stalelist',
);
assert.equal(
METAMASK_HOTLIST_DIFF_URL,
'https://phishing-detection.metafi.codefi.network/v1/diffsSince',
);
});
});
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
it('should display the MetaMask Phishing Detection page and take the user to the blocked page if they continue', async function () {
E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
await withFixtures(
{
E2e test fixtures (#16061) * remove state.json files * move file * Update Readme * Create fixture builder * load test fixture * remove redundant method * update snap tests * update stats tests * update extension tests * update extension tests * Update fixture data * snap test dapp connection * Update fixture data * add onboarding fixture * use onboarding fixture * reuse import account vault * remove unnecessary use of class * use fixture builder in new tests * switch to function * update default fixture * update default fixture * update test * update 1559 test fixttures * update 1559 test fixtures * update 1559 test fixtures * dismiss 3box whats new * remove redundant code * move docs * remove unused code * token detection * use default timeout * remove redundant code * Update fixture builder hide `Protect your funds` dialog remove browser environment remove default network details hide dismiss seed backup reminder recursively merges fixture data * add token to tokencontroller * remove network details * add missing identities to preference controller * remove duplicate properties * update bip-32 to use fixturebuilder * alphabetise snap permissions * update get snaps to use fixturebuilder * Update test-snap-bip-32.spec.js wait for window * add popular network state * update test * lint
2022-10-28 10:42:12 +02:00
fixtures: new FixtureBuilder().build(),
E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
ganacheOptions,
title: this.test.title,
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
testSpecificMock: async (mockServer) => {
return setupPhishingDetectionMocks(mockServer, {
blockProvider: BlockProvider.MetaMask,
blocklist: ['127.0.0.1'],
});
},
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
dapp: true,
failOnConsoleError: false,
E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
chore: refactor connect to dapp action in e2e (#19015) * chore: refactor connect to dapp action in e2e * chore: refactor 2nd dapp connection * chore: rename to openDapp
2023-05-05 15:56:08 +02:00
await openDapp(driver);
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
await driver.clickElement({
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
text: 'continue to the site.',
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
});
const header = await driver.findElement('h1');
assert.equal(await header.getText(), 'E2E Test Dapp');
},
);
});
it('should display the MetaMask Phishing Detection page in an iframe and take the user to the blocked page if they continue', async function () {
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
const DAPP_WITH_IFRAMED_PAGE_ON_BLOCKLIST = 'http://localhost:8080/';
const IFRAMED_HOSTNAME = '127.0.0.1';
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
await withFixtures(
{
E2e test fixtures (#16061) * remove state.json files * move file * Update Readme * Create fixture builder * load test fixture * remove redundant method * update snap tests * update stats tests * update extension tests * update extension tests * Update fixture data * snap test dapp connection * Update fixture data * add onboarding fixture * use onboarding fixture * reuse import account vault * remove unnecessary use of class * use fixture builder in new tests * switch to function * update default fixture * update default fixture * update test * update 1559 test fixttures * update 1559 test fixtures * update 1559 test fixtures * dismiss 3box whats new * remove redundant code * move docs * remove unused code * token detection * use default timeout * remove redundant code * Update fixture builder hide `Protect your funds` dialog remove browser environment remove default network details hide dismiss seed backup reminder recursively merges fixture data * add token to tokencontroller * remove network details * add missing identities to preference controller * remove duplicate properties * update bip-32 to use fixturebuilder * alphabetise snap permissions * update get snaps to use fixturebuilder * Update test-snap-bip-32.spec.js wait for window * add popular network state * update test * lint
2022-10-28 10:42:12 +02:00
fixtures: new FixtureBuilder().build(),
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
ganacheOptions,
title: this.test.title,
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
testSpecificMock: async (mockServer) => {
return setupPhishingDetectionMocks(mockServer, {
blockProvider: BlockProvider.MetaMask,
blocklist: [IFRAMED_HOSTNAME],
});
},
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
dapp: true,
dappPaths: ['mock-page-with-iframe'],
dappOptions: {
numberOfDapps: 2,
},
failOnConsoleError: false,
},
async ({ driver }) => {
E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
await driver.navigate();
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
await driver.openNewPage(DAPP_WITH_IFRAMED_PAGE_ON_BLOCKLIST);
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
const iframe = await driver.findElement('iframe');
await driver.switchToFrame(iframe);
Fix e2e tests The e2e tests have been updated for `@metamask/phishing-warning@1.1.0`. The iframe case was updated with a new design, which required test changes. The third test that was meant to ensure the phishing page can't redirect to an extension page has been updated to navigate directly to the phishing warning page and setting the URL manually via query parameters, as that was the only way to test that redirect.
2022-05-16 22:55:48 +02:00
await driver.clickElement({
text: 'Open this warning in a new tab',
});
await driver.switchToWindowWithTitle('MetaMask Phishing Detection');
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
await driver.clickElement({
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
text: 'continue to the site.',
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
});
E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
const header = await driver.findElement('h1');
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
assert.equal(await header.getText(), 'E2E Test Dapp');
},
);
});
it('should display the MetaMask Phishing Detection page in an iframe but should NOT take the user to the blocked page if it is not an accessible resource', async function () {
await withFixtures(
{
E2e test fixtures (#16061) * remove state.json files * move file * Update Readme * Create fixture builder * load test fixture * remove redundant method * update snap tests * update stats tests * update extension tests * update extension tests * Update fixture data * snap test dapp connection * Update fixture data * add onboarding fixture * use onboarding fixture * reuse import account vault * remove unnecessary use of class * use fixture builder in new tests * switch to function * update default fixture * update default fixture * update test * update 1559 test fixttures * update 1559 test fixtures * update 1559 test fixtures * dismiss 3box whats new * remove redundant code * move docs * remove unused code * token detection * use default timeout * remove redundant code * Update fixture builder hide `Protect your funds` dialog remove browser environment remove default network details hide dismiss seed backup reminder recursively merges fixture data * add token to tokencontroller * remove network details * add missing identities to preference controller * remove duplicate properties * update bip-32 to use fixturebuilder * alphabetise snap permissions * update get snaps to use fixturebuilder * Update test-snap-bip-32.spec.js wait for window * add popular network state * update test * lint
2022-10-28 10:42:12 +02:00
fixtures: new FixtureBuilder().build(),
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
ganacheOptions,
title: this.test.title,
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
testSpecificMock: async (mockServer) => {
return setupPhishingDetectionMocks(mockServer, {
blockProvider: BlockProvider.MetaMask,
blocklist: ['127.0.0.1'],
});
},
Use externally hosted phishing warning page An externally hosted phishing warning page is now used rather than the built-in phishing warning page.The phishing page warning URL is set via configuration file or environment variable. The default URL is either the expected production URL or `http://localhost:9999/` for e2e testing environments. The new external phishing page includes a design change when it is loaded within an iframe. In that case it now shows a condensed message, and prompts the user to open the full warning page in a new tab to see more details or bypass the warning. This is to prevent a clickjacking attack from safelisting a site without user consent. The new external phishing page also includes a simple caching service worker to ensure it continues to work offline (or if our hosting goes offline), as long as the user has successfully loaded the page at least once. We also load the page temporarily during the extension startup process to trigger the service worker installation. The old phishing page and all related lines have been removed. The property `web_accessible_resources` has also been removed from the manifest. The only entry apart from the phishing page was `inpage.js`, and we don't need that to be web accessible anymore because we inject the script inline into each page rather than loading the file directly. New e2e tests have been added to cover more phishing warning page functionality, including the "safelist" action and the "iframe" case.
2022-05-06 00:28:48 +02:00
dapp: true,
dappPaths: ['mock-page-with-disallowed-iframe'],
dappOptions: {
numberOfDapps: 2,
},
failOnConsoleError: false,
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
await driver.openNewPage(
`http://localhost:8080?extensionUrl=${driver.extensionUrl}`,
);
const iframe = await driver.findElement('iframe');
await driver.switchToFrame(iframe);
Fix e2e tests The e2e tests have been updated for `@metamask/phishing-warning@1.1.0`. The iframe case was updated with a new design, which required test changes. The third test that was meant to ensure the phishing page can't redirect to an extension page has been updated to navigate directly to the phishing warning page and setting the URL manually via query parameters, as that was the only way to test that redirect.
2022-05-16 22:55:48 +02:00
await driver.clickElement({
text: 'Open this warning in a new tab',
});
await driver.switchToWindowWithTitle('MetaMask Phishing Detection');
await driver.clickElement({
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
text: 'continue to the site.',
Fix e2e tests The e2e tests have been updated for `@metamask/phishing-warning@1.1.0`. The iframe case was updated with a new design, which required test changes. The third test that was meant to ensure the phishing page can't redirect to an extension page has been updated to navigate directly to the phishing warning page and setting the URL manually via query parameters, as that was the only way to test that redirect.
2022-05-16 22:55:48 +02:00
});
// Ensure we're not on the wallet home page
await driver.assertElementNotPresent('[data-testid="wallet-balance"]');
E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
},
);
});
Bump controllers v30.0.2 (#14906) * bump @metamask/controllers to v30.0.2 and adapt
2022-07-18 16:43:30 +02:00
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
it('should navigate the user to eth-phishing-detect to dispute a block if the phishing warning page fails to identify the source', async function () {
await withFixtures(
{
fixtures: new FixtureBuilder().build(),
ganacheOptions,
title: this.test.title,
testSpecificMock: (mockServer) => {
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
setupPhishingDetectionMocks(mockServer, {
blockProvider: BlockProvider.MetaMask,
blocklist: ['127.0.0.1'],
});
mockConfigLookupOnWarningPage(mockServer, { statusCode: 500 });
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
},
dapp: true,
failOnConsoleError: false,
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
chore: refactor connect to dapp action in e2e (#19015) * chore: refactor connect to dapp action in e2e * chore: refactor 2nd dapp connection * chore: rename to openDapp
2023-05-05 15:56:08 +02:00
await openDapp(driver);
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
await driver.clickElement({ text: 'report a detection problem.' });
// wait for page to load before checking URL.
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
await driver.findElement({
text: `Empty page by ${BlockProvider.MetaMask}`,
});
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
assert.equal(
await driver.getCurrentUrl(),
`https://github.com/MetaMask/eth-phishing-detect/issues/new?title=[Legitimate%20Site%20Blocked]%20127.0.0.1&body=http%3A%2F%2F127.0.0.1%3A8080%2F`,
);
},
);
});
it('should navigate the user to eth-phishing-detect to dispute a block from MetaMask', async function () {
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
// Must be site on actual eth-phishing-detect blocklist
const phishingSite = new URL('https://test.metamask-phishing.io');
Bump controllers v30.0.2 (#14906) * bump @metamask/controllers to v30.0.2 and adapt
2022-07-18 16:43:30 +02:00
await withFixtures(
{
E2e test fixtures (#16061) * remove state.json files * move file * Update Readme * Create fixture builder * load test fixture * remove redundant method * update snap tests * update stats tests * update extension tests * update extension tests * Update fixture data * snap test dapp connection * Update fixture data * add onboarding fixture * use onboarding fixture * reuse import account vault * remove unnecessary use of class * use fixture builder in new tests * switch to function * update default fixture * update default fixture * update test * update 1559 test fixttures * update 1559 test fixtures * update 1559 test fixtures * dismiss 3box whats new * remove redundant code * move docs * remove unused code * token detection * use default timeout * remove redundant code * Update fixture builder hide `Protect your funds` dialog remove browser environment remove default network details hide dismiss seed backup reminder recursively merges fixture data * add token to tokencontroller * remove network details * add missing identities to preference controller * remove duplicate properties * update bip-32 to use fixturebuilder * alphabetise snap permissions * update get snaps to use fixturebuilder * Update test-snap-bip-32.spec.js wait for window * add popular network state * update test * lint
2022-10-28 10:42:12 +02:00
fixtures: new FixtureBuilder().build(),
Bump controllers v30.0.2 (#14906) * bump @metamask/controllers to v30.0.2 and adapt
2022-07-18 16:43:30 +02:00
ganacheOptions,
title: this.test.title,
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
testSpecificMock: async (mockServer) => {
return setupPhishingDetectionMocks(mockServer, {
blockProvider: BlockProvider.MetaMask,
blocklist: [phishingSite.hostname],
});
},
Bump controllers v30.0.2 (#14906) * bump @metamask/controllers to v30.0.2 and adapt
2022-07-18 16:43:30 +02:00
dapp: true,
failOnConsoleError: false,
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
await driver.openNewPage(phishingSite.href);
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
await driver.clickElement({ text: 'report a detection problem.' });
// wait for page to load before checking URL.
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
await driver.findElement({
text: `Empty page by ${BlockProvider.MetaMask}`,
});
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
assert.equal(
await driver.getCurrentUrl(),
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
`https://github.com/MetaMask/eth-phishing-detect/issues/new?title=[Legitimate%20Site%20Blocked]%20${encodeURIComponent(
phishingSite.hostname,
)}&body=${encodeURIComponent(phishingSite.href)}`,
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
);
},
);
});
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
it('should navigate the user to PhishFort to dispute a Phishfort Block', async function () {
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
await withFixtures(
{
fixtures: new FixtureBuilder().build(),
ganacheOptions,
title: this.test.title,
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
testSpecificMock: async (mockServer) => {
return setupPhishingDetectionMocks(mockServer, {
blockProvider: BlockProvider.PhishFort,
blocklist: ['127.0.0.1'],
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
});
},
dapp: true,
failOnConsoleError: false,
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
await driver.openNewPage('http://127.0.0.1:8080');
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
await driver.clickElement({ text: 'report a detection problem.' });
// wait for page to load before checking URL.
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
await driver.findElement({
text: `Empty page by ${BlockProvider.PhishFort}`,
});
Update the PhishingController to v2 and update phishing warning page (#17835) The PhishingController has been updated to v2. This release should dramatically reduce network traffic and double the update speed of the phishing list. This was accomplished by combining both of our phishing configurations into one list (the "stalelist"), then creating a separate list of the changes just the past few days (the "hotlist"). Now users will download a smaller list more frequently (every 30 minutes rather than every hour), whereas the full list is only updated every 4 days. The combined configuration means that we no longer know which list was responsible for each block. The phishing warning page has been updated to dynamically look this information up, to ensure users are still directed to the correct place to dispute a block. This update to the phishing warning page also includes the recent redesign.
2023-02-24 16:09:00 +01:00
assert.equal(
await driver.getCurrentUrl(),
`https://github.com/phishfort/phishfort-lists/issues/new?title=[Legitimate%20Site%20Blocked]%20127.0.0.1&body=http%3A%2F%2F127.0.0.1%3A8080%2F`,
Bump controllers v30.0.2 (#14906) * bump @metamask/controllers to v30.0.2 and adapt
2022-07-18 16:43:30 +02:00
);
},
);
});
fix(18194): Redirect to extension expanded view when click back to sa… (#18376) * fix(18194): Redirect to extension expanded view when click back to safety button * Bump phishing warning version --------- Co-authored-by: Dan J Miller <danjm.com@gmail.com>
2023-03-31 11:00:44 +02:00
it('should open a new extension expanded view when clicking back to safety button', async function () {
await withFixtures(
{
fixtures: new FixtureBuilder().build(),
ganacheOptions,
title: this.test.title,
Update @metamask/phishing-controller to v4.0.0 (#18840) * Update phishing controller to v4.0.0 * Move phishing e2e test utilities into its own helper.js * Update phishing detection e2e test * Update MetaMask Controller test mocks * Update mv3 phishing tests * Fix test for 500 error on warning page * Allow for directories in test folder * Update migration number * Linting fixes * Remove fail on console error * Separate mocks from helpers * Have migration delete PhishingController state entirely * Remove phishing detection directory * Only delete the listState in migration * Bump migration version
2023-07-31 14:48:48 +02:00
testSpecificMock: async (mockServer) => {
return setupPhishingDetectionMocks(mockServer, {
blockProvider: BlockProvider.MetaMask,
blocklist: ['127.0.0.1'],
});
},
fix(18194): Redirect to extension expanded view when click back to sa… (#18376) * fix(18194): Redirect to extension expanded view when click back to safety button * Bump phishing warning version --------- Co-authored-by: Dan J Miller <danjm.com@gmail.com>
2023-03-31 11:00:44 +02:00
dapp: true,
dappPaths: ['mock-page-with-disallowed-iframe'],
dappOptions: {
numberOfDapps: 2,
},
failOnConsoleError: false,
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
await driver.openNewPage(
`http://localhost:8080?extensionUrl=${driver.extensionUrl}`,
);
const iframe = await driver.findElement('iframe');
await driver.switchToFrame(iframe);
await driver.clickElement({
text: 'Open this warning in a new tab',
});
await driver.switchToWindowWithTitle('MetaMask Phishing Detection');
await driver.clickElement({
text: 'Back to safety',
});
// Ensure we're redirected to wallet home page
const homePage = await driver.findElement('.home__main-view');
const homePageDisplayed = await homePage.isDisplayed();
assert.equal(homePageDisplayed, true);
},
);
});
E2e phishing detection (#13704) * phishing detection test * remove unused arg
2022-02-22 17:48:12 +01:00
});
Copy Permalink