2022-02-22 17:48:12 +01:00
const { strict : assert } = require ( 'assert' ) ;
2023-05-05 15:56:08 +02:00
const { convertToHexValue , withFixtures , openDapp } = require ( '../helpers' ) ;
2022-10-28 10:42:12 +02:00
const FixtureBuilder = require ( '../fixture-builder' ) ;
2022-02-22 17:48:12 +01:00
2023-02-24 16:09:00 +01:00
const STALELIST _URL =
'https://static.metafi.codefi.network/api/v1/lists/stalelist.json' ;
2022-07-18 16:43:30 +02:00
2023-02-24 16:09:00 +01:00
const emptyHtmlPage = ` <!DOCTYPE html>
< html lang = "en" >
< head >
< meta charset = "utf-8" >
< title > title < / t i t l e >
< / h e a d >
< body >
Empty page
< / b o d y >
< / h t m l > ` ;
/ * *
* Setup fetch mocks for the phishing detection feature .
*
* The mock configuration will show that "127.0.0.1" is blocked . The dynamic lookup on the warning
* page can be customized , so that we can test both the MetaMask and PhishFort block cases .
*
* @ param { import ( 'mockttp' ) . Mockttp } mockServer - The mock server .
* @ param { object } metamaskPhishingConfigResponse - The response for the dynamic phishing
* configuration lookup performed by the warning page .
* /
async function setupPhishingDetectionMocks (
mockServer ,
metamaskPhishingConfigResponse ,
) {
await mockServer . forGet ( STALELIST _URL ) . thenCallback ( ( ) => {
return {
statusCode : 200 ,
json : {
version : 2 ,
tolerance : 2 ,
fuzzylist : [ ] ,
allowlist : [ ] ,
blocklist : [ '127.0.0.1' ] ,
lastUpdated : 0 ,
} ,
} ;
} ) ;
await mockServer
. forGet ( 'https://github.com/MetaMask/eth-phishing-detect/issues/new' )
. thenCallback ( ( ) => {
return {
statusCode : 200 ,
body : emptyHtmlPage ,
} ;
} ) ;
await mockServer
. forGet ( 'https://github.com/phishfort/phishfort-lists/issues/new' )
. thenCallback ( ( ) => {
2022-07-18 16:43:30 +02:00
return {
statusCode : 200 ,
2023-02-24 16:09:00 +01:00
body : emptyHtmlPage ,
2022-07-18 16:43:30 +02:00
} ;
} ) ;
2023-02-24 16:09:00 +01:00
await mockServer
. forGet (
'https://raw.githubusercontent.com/MetaMask/eth-phishing-detect/master/src/config.json' ,
)
. thenCallback ( ( ) => metamaskPhishingConfigResponse ) ;
}
describe ( 'Phishing Detection' , function ( ) {
function mockPhishingDetection ( mockServer ) {
setupPhishingDetectionMocks ( mockServer , {
statusCode : 200 ,
json : {
version : 2 ,
tolerance : 2 ,
fuzzylist : [ ] ,
whitelist : [ ] ,
blacklist : [ '127.0.0.1' ] ,
lastUpdated : 0 ,
} ,
} ) ;
2022-07-18 16:43:30 +02:00
}
2023-02-24 16:09:00 +01:00
2022-02-22 17:48:12 +01:00
const ganacheOptions = {
accounts : [
{
secretKey :
'0x7C9529A67102755B7E6102D6D950AC5D5863C98713805CEC576B945B15B71EAC' ,
balance : convertToHexValue ( 25000000000000000000 ) ,
} ,
] ,
} ;
2023-02-24 16:09:00 +01:00
2022-05-06 00:28:48 +02:00
it ( 'should display the MetaMask Phishing Detection page and take the user to the blocked page if they continue' , async function ( ) {
2022-02-22 17:48:12 +01:00
await withFixtures (
{
2022-10-28 10:42:12 +02:00
fixtures : new FixtureBuilder ( ) . build ( ) ,
2022-02-22 17:48:12 +01:00
ganacheOptions ,
title : this . test . title ,
testSpecificMock : mockPhishingDetection ,
2022-05-06 00:28:48 +02:00
dapp : true ,
failOnConsoleError : false ,
2022-02-22 17:48:12 +01:00
} ,
async ( { driver } ) => {
await driver . navigate ( ) ;
await driver . fill ( '#password' , 'correct horse battery staple' ) ;
await driver . press ( '#password' , driver . Key . ENTER ) ;
2023-05-05 15:56:08 +02:00
await openDapp ( driver ) ;
2022-05-06 00:28:48 +02:00
await driver . clickElement ( {
2023-02-24 16:09:00 +01:00
text : 'continue to the site.' ,
2022-05-06 00:28:48 +02:00
} ) ;
const header = await driver . findElement ( 'h1' ) ;
assert . equal ( await header . getText ( ) , 'E2E Test Dapp' ) ;
} ,
) ;
} ) ;
it ( 'should display the MetaMask Phishing Detection page in an iframe and take the user to the blocked page if they continue' , async function ( ) {
await withFixtures (
{
2022-10-28 10:42:12 +02:00
fixtures : new FixtureBuilder ( ) . build ( ) ,
2022-05-06 00:28:48 +02:00
ganacheOptions ,
title : this . test . title ,
testSpecificMock : mockPhishingDetection ,
dapp : true ,
dappPaths : [ 'mock-page-with-iframe' ] ,
dappOptions : {
numberOfDapps : 2 ,
} ,
failOnConsoleError : false ,
} ,
async ( { driver } ) => {
2022-02-22 17:48:12 +01:00
await driver . navigate ( ) ;
2022-05-06 00:28:48 +02:00
await driver . fill ( '#password' , 'correct horse battery staple' ) ;
await driver . press ( '#password' , driver . Key . ENTER ) ;
await driver . openNewPage ( 'http://localhost:8080/' ) ;
const iframe = await driver . findElement ( 'iframe' ) ;
await driver . switchToFrame ( iframe ) ;
2022-05-16 22:55:48 +02:00
await driver . clickElement ( {
text : 'Open this warning in a new tab' ,
} ) ;
await driver . switchToWindowWithTitle ( 'MetaMask Phishing Detection' ) ;
2022-05-06 00:28:48 +02:00
await driver . clickElement ( {
2023-02-24 16:09:00 +01:00
text : 'continue to the site.' ,
2022-05-06 00:28:48 +02:00
} ) ;
2022-02-22 17:48:12 +01:00
const header = await driver . findElement ( 'h1' ) ;
2022-05-06 00:28:48 +02:00
assert . equal ( await header . getText ( ) , 'E2E Test Dapp' ) ;
} ,
) ;
} ) ;
it ( 'should display the MetaMask Phishing Detection page in an iframe but should NOT take the user to the blocked page if it is not an accessible resource' , async function ( ) {
await withFixtures (
{
2022-10-28 10:42:12 +02:00
fixtures : new FixtureBuilder ( ) . build ( ) ,
2022-05-06 00:28:48 +02:00
ganacheOptions ,
title : this . test . title ,
testSpecificMock : mockPhishingDetection ,
dapp : true ,
dappPaths : [ 'mock-page-with-disallowed-iframe' ] ,
dappOptions : {
numberOfDapps : 2 ,
} ,
failOnConsoleError : false ,
} ,
async ( { driver } ) => {
await driver . navigate ( ) ;
await driver . fill ( '#password' , 'correct horse battery staple' ) ;
await driver . press ( '#password' , driver . Key . ENTER ) ;
await driver . openNewPage (
` http://localhost:8080?extensionUrl= ${ driver . extensionUrl } ` ,
) ;
const iframe = await driver . findElement ( 'iframe' ) ;
await driver . switchToFrame ( iframe ) ;
2022-05-16 22:55:48 +02:00
await driver . clickElement ( {
text : 'Open this warning in a new tab' ,
} ) ;
await driver . switchToWindowWithTitle ( 'MetaMask Phishing Detection' ) ;
await driver . clickElement ( {
2023-02-24 16:09:00 +01:00
text : 'continue to the site.' ,
2022-05-16 22:55:48 +02:00
} ) ;
// Ensure we're not on the wallet home page
await driver . assertElementNotPresent ( '[data-testid="wallet-balance"]' ) ;
2022-02-22 17:48:12 +01:00
} ,
) ;
} ) ;
2022-07-18 16:43:30 +02:00
2023-02-24 16:09:00 +01:00
it ( 'should navigate the user to eth-phishing-detect to dispute a block if the phishing warning page fails to identify the source' , async function ( ) {
await withFixtures (
{
fixtures : new FixtureBuilder ( ) . build ( ) ,
ganacheOptions ,
title : this . test . title ,
testSpecificMock : ( mockServer ) => {
setupPhishingDetectionMocks ( mockServer , { statusCode : 500 } ) ;
} ,
dapp : true ,
failOnConsoleError : false ,
} ,
async ( { driver } ) => {
await driver . navigate ( ) ;
await driver . fill ( '#password' , 'correct horse battery staple' ) ;
await driver . press ( '#password' , driver . Key . ENTER ) ;
2023-05-05 15:56:08 +02:00
await openDapp ( driver ) ;
2023-02-24 16:09:00 +01:00
await driver . clickElement ( { text : 'report a detection problem.' } ) ;
// wait for page to load before checking URL.
await driver . findElement ( { text : 'Empty page' } ) ;
assert . equal (
await driver . getCurrentUrl ( ) ,
` https://github.com/MetaMask/eth-phishing-detect/issues/new?title=[Legitimate%20Site%20Blocked]%20127.0.0.1&body=http%3A%2F%2F127.0.0.1%3A8080%2F ` ,
) ;
} ,
) ;
} ) ;
it ( 'should navigate the user to eth-phishing-detect to dispute a block from MetaMask' , async function ( ) {
2022-07-18 16:43:30 +02:00
await withFixtures (
{
2022-10-28 10:42:12 +02:00
fixtures : new FixtureBuilder ( ) . build ( ) ,
2022-07-18 16:43:30 +02:00
ganacheOptions ,
title : this . test . title ,
2023-02-24 16:09:00 +01:00
testSpecificMock : mockPhishingDetection ,
2022-07-18 16:43:30 +02:00
dapp : true ,
failOnConsoleError : false ,
} ,
async ( { driver } ) => {
await driver . navigate ( ) ;
await driver . fill ( '#password' , 'correct horse battery staple' ) ;
await driver . press ( '#password' , driver . Key . ENTER ) ;
2023-05-05 15:56:08 +02:00
await openDapp ( driver ) ;
2023-02-24 16:09:00 +01:00
await driver . clickElement ( { text : 'report a detection problem.' } ) ;
// wait for page to load before checking URL.
await driver . findElement ( { text : 'Empty page' } ) ;
assert . equal (
await driver . getCurrentUrl ( ) ,
` https://github.com/MetaMask/eth-phishing-detect/issues/new?title=[Legitimate%20Site%20Blocked]%20127.0.0.1&body=http%3A%2F%2F127.0.0.1%3A8080%2F ` ,
) ;
} ,
) ;
} ) ;
it ( 'should navigate the user to PhishFort to dispute a block from MetaMask' , async function ( ) {
await withFixtures (
{
fixtures : new FixtureBuilder ( ) . build ( ) ,
ganacheOptions ,
title : this . test . title ,
testSpecificMock : ( mockServer ) => {
setupPhishingDetectionMocks ( mockServer , {
statusCode : 200 ,
json : {
version : 2 ,
tolerance : 2 ,
fuzzylist : [ ] ,
whitelist : [ ] ,
blacklist : [ ] ,
lastUpdated : 0 ,
} ,
} ) ;
} ,
dapp : true ,
failOnConsoleError : false ,
} ,
async ( { driver } ) => {
await driver . navigate ( ) ;
await driver . fill ( '#password' , 'correct horse battery staple' ) ;
await driver . press ( '#password' , driver . Key . ENTER ) ;
2023-05-05 15:56:08 +02:00
await openDapp ( driver ) ;
2023-02-24 16:09:00 +01:00
await driver . clickElement ( { text : 'report a detection problem.' } ) ;
// wait for page to load before checking URL.
await driver . findElement ( { text : 'Empty page' } ) ;
assert . equal (
await driver . getCurrentUrl ( ) ,
` https://github.com/phishfort/phishfort-lists/issues/new?title=[Legitimate%20Site%20Blocked]%20127.0.0.1&body=http%3A%2F%2F127.0.0.1%3A8080%2F ` ,
2022-07-18 16:43:30 +02:00
) ;
} ,
) ;
} ) ;
2023-03-31 11:00:44 +02:00
it ( 'should open a new extension expanded view when clicking back to safety button' , async function ( ) {
await withFixtures (
{
fixtures : new FixtureBuilder ( ) . build ( ) ,
ganacheOptions ,
title : this . test . title ,
testSpecificMock : mockPhishingDetection ,
dapp : true ,
dappPaths : [ 'mock-page-with-disallowed-iframe' ] ,
dappOptions : {
numberOfDapps : 2 ,
} ,
failOnConsoleError : false ,
} ,
async ( { driver } ) => {
await driver . navigate ( ) ;
await driver . fill ( '#password' , 'correct horse battery staple' ) ;
await driver . press ( '#password' , driver . Key . ENTER ) ;
await driver . openNewPage (
` http://localhost:8080?extensionUrl= ${ driver . extensionUrl } ` ,
) ;
const iframe = await driver . findElement ( 'iframe' ) ;
await driver . switchToFrame ( iframe ) ;
await driver . clickElement ( {
text : 'Open this warning in a new tab' ,
} ) ;
await driver . switchToWindowWithTitle ( 'MetaMask Phishing Detection' ) ;
await driver . clickElement ( {
text : 'Back to safety' ,
} ) ;
// Ensure we're redirected to wallet home page
const homePage = await driver . findElement ( '.home__main-view' ) ;
const homePageDisplayed = await homePage . isDisplayed ( ) ;
assert . equal ( homePageDisplayed , true ) ;
} ,
) ;
} ) ;
2022-02-22 17:48:12 +01:00
} ) ;