Replace blacklist/whitelist with blocklist/safelist (#8765)
* blacklist -> blocklist; whitelist -> safelist * blocklisted -> blocked Co-authored-by: Erik Marks <rekmarks@protonmail.com> Co-authored-by: Mark Stacey <markjstacey@gmail.com>
commit
2873053d45
@ -319,7 +319,7 @@ function setupController (initState, initLangCode) {
|
|||||||
[ENVIRONMENT_TYPE_FULLSCREEN]: true,
|
[ENVIRONMENT_TYPE_FULLSCREEN]: true,
|
||||||
}
|
}
|
||||||
|
|
||||||
const metamaskBlacklistedPorts = [
|
const metamaskBlockedPorts = [
|
||||||
'trezor-connect',
|
'trezor-connect',
|
||||||
]
|
]
|
||||||
|
|
||||||
@ -343,7 +343,7 @@ function setupController (initState, initLangCode) {
|
|||||||
const processName = remotePort.name
|
const processName = remotePort.name
|
||||||
const isMetaMaskInternalProcess = metamaskInternalProcessHash[processName]
|
const isMetaMaskInternalProcess = metamaskInternalProcessHash[processName]
|
||||||
|
|
||||||
if (metamaskBlacklistedPorts.includes(remotePort.name)) {
|
if (metamaskBlockedPorts.includes(remotePort.name)) {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -127,7 +127,7 @@ function logStreamDisconnectWarning (remoteLabel, err) {
|
|||||||
*/
|
*/
|
||||||
function shouldInjectProvider () {
|
function shouldInjectProvider () {
|
||||||
return doctypeCheck() && suffixCheck() &&
|
return doctypeCheck() && suffixCheck() &&
|
||||||
documentElementCheck() && !blacklistedDomainCheck()
|
documentElementCheck() && !blockedDomainCheck()
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -181,12 +181,12 @@ function documentElementCheck () {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks if the current domain is blacklisted
|
* Checks if the current domain is blocked
|
||||||
*
|
*
|
||||||
* @returns {boolean} {@code true} - if the current domain is blacklisted
|
* @returns {boolean} {@code true} - if the current domain is blocked
|
||||||
*/
|
*/
|
||||||
function blacklistedDomainCheck () {
|
function blockedDomainCheck () {
|
||||||
const blacklistedDomains = [
|
const blockedDomains = [
|
||||||
'uscourts.gov',
|
'uscourts.gov',
|
||||||
'dropbox.com',
|
'dropbox.com',
|
||||||
'webbyawards.com',
|
'webbyawards.com',
|
||||||
@ -200,9 +200,9 @@ function blacklistedDomainCheck () {
|
|||||||
]
|
]
|
||||||
const currentUrl = window.location.href
|
const currentUrl = window.location.href
|
||||||
let currentRegex
|
let currentRegex
|
||||||
for (let i = 0; i < blacklistedDomains.length; i++) {
|
for (let i = 0; i < blockedDomains.length; i++) {
|
||||||
const blacklistedDomain = blacklistedDomains[i].replace('.', '\\.')
|
const blockedDomain = blockedDomains[i].replace('.', '\\.')
|
||||||
currentRegex = new RegExp(`(?:https?:\\/\\/)(?:(?!${blacklistedDomain}).)*$`)
|
currentRegex = new RegExp(`(?:https?:\\/\\/)(?:(?!${blockedDomain}).)*$`)
|
||||||
if (!currentRegex.test(currentUrl)) {
|
if (!currentRegex.test(currentUrl)) {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
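Review bot: In `blockedDomainCheck`, `blockedDomains[i].replace('.', '\\.')` escapes only the first dot, because `replace` with a string pattern substitutes a single occurrence; any list entry with more than one dot keeps its later dots as regex wildcards. The pattern is also tested against the whole `window.location.href`, so a blocked name that appears in a path or query string counts as a match, not only one in the host. Comparing against the parsed host avoids both, e.g. `const { hostname } = window.location` followed by `return blockedDomains.some((d) => hostname === d || hostname.endsWith('.' + d))`. The function starts before this hunk, part of the list is elided between hunks, and the tail of the loop is not shown.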
@ -25,7 +25,7 @@ import NonceTracker from 'nonce-tracker'
|
|||||||
import * as txUtils from './lib/util'
|
import * as txUtils from './lib/util'
|
||||||
import cleanErrorStack from '../../lib/cleanErrorStack'
|
import cleanErrorStack from '../../lib/cleanErrorStack'
|
||||||
import log from 'loglevel'
|
import log from 'loglevel'
|
||||||
import { throwIfAccountIsBlacklisted } from './lib/recipient-blacklist-checker'
|
import { throwIfAccountIsBlocked } from './lib/recipient-blocklist-checker'
|
||||||
|
|
||||||
import {
|
import {
|
||||||
TRANSACTION_TYPE_CANCEL,
|
TRANSACTION_TYPE_CANCEL,
|
||||||
@ -241,7 +241,7 @@ export default class TransactionController extends EventEmitter {
|
|||||||
this.emit('newUnapprovedTx', txMeta)
|
this.emit('newUnapprovedTx', txMeta)
|
||||||
|
|
||||||
try {
|
try {
|
||||||
throwIfAccountIsBlacklisted(txMeta.metamaskNetworkId, normalizedTxParams.to)
|
throwIfAccountIsBlocked(txMeta.metamaskNetworkId, normalizedTxParams.to)
|
||||||
txMeta = await this.addTxGasDefaults(txMeta, getCodeResponse)
|
txMeta = await this.addTxGasDefaults(txMeta, getCodeResponse)
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
log.warn(error)
|
log.warn(error)
|
||||||
|
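Review bot: The recipient check called in this `try` block compares its first argument with the number `1` using `!==` (the checker file is shown further down this page), so if `txMeta.metamaskNetworkId` is held as a string the function returns early and no mainnet recipient is ever checked. The type of that field is not visible in this hunk and should be confirmed, ideally with a unit test that passes the value exactly as the controller stores it. `normalizedTxParams.to` may also be absent for some transactions (not confirmable from here), in which case `account.toLowerCase()` throws a TypeError that this `catch` would treat the same way as a blocklist hit. The rest of the `catch` body lies outside the hunk.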
@ -1,19 +0,0 @@
|
|||||||
import blacklist from './recipient-blacklist'
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Checks if a specified account on a specified network is blacklisted
|
|
||||||
* @param {number} networkId
|
|
||||||
* @param {string} account
|
|
||||||
* @throws {Error} if the account is blacklisted on mainnet
|
|
||||||
*/
|
|
||||||
export function throwIfAccountIsBlacklisted (networkId, account) {
|
|
||||||
const mainnetId = 1
|
|
||||||
if (networkId !== mainnetId) {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
const accountToCheck = account.toLowerCase()
|
|
||||||
if (blacklist.includes(accountToCheck)) {
|
|
||||||
throw new Error('Recipient is a public account')
|
|
||||||
}
|
|
||||||
}
|
|
@ -0,0 +1,19 @@
|
|||||||
|
import blocklist from './recipient-blocklist'
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks if a specified account on a specified network is blocked
|
||||||
|
* @param {number} networkId
|
||||||
|
* @param {string} account
|
||||||
|
* @throws {Error} if the account is blocked on mainnet
|
||||||
|
*/
|
||||||
|
export function throwIfAccountIsBlocked (networkId, account) {
|
||||||
|
const mainnetId = 1
|
||||||
|
if (networkId !== mainnetId) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
const accountToCheck = account.toLowerCase()
|
||||||
|
if (blocklist.includes(accountToCheck)) {
|
||||||
|
throw new Error('Recipient is a public account')
|
||||||
|
}
|
||||||
|
}
|
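Review bot: `throwIfAccountIsBlocked` lowercases `account` but compares it with the list entries exactly as written, and the list shown in the next file section contains a mixed-case entry (`'0x9bcb0A9d99d815Bb87ee3191b1399b1Bcc46dc77'`, under the "IDEX phisher" comment), so `blocklist.includes(accountToCheck)` can never be true for that address. Normalise both sides, for example `if (blocklist.some((entry) => entry.toLowerCase() === accountToCheck)) {`, or store every entry in lower case and add a test asserting that each entry equals its own `toLowerCase()`. The visible tests only exercise the Ganache addresses, which are already lower case in the list, so this gap is not covered by them.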
@ -1,4 +1,4 @@
|
|||||||
const blacklist = [
|
const blocklist = [
|
||||||
// IDEX phisher
|
// IDEX phisher
|
||||||
'0x9bcb0A9d99d815Bb87ee3191b1399b1Bcc46dc77',
|
'0x9bcb0A9d99d815Bb87ee3191b1399b1Bcc46dc77',
|
||||||
// Ganache default seed phrases
|
// Ganache default seed phrases
|
||||||
@ -14,4 +14,4 @@ const blacklist = [
|
|||||||
'0x5aeda56215b167893e80b4fe645ba6d5bab767de',
|
'0x5aeda56215b167893e80b4fe645ba6d5bab767de',
|
||||||
]
|
]
|
||||||
|
|
||||||
export default blacklist
|
export default blocklist
|
@ -457,6 +457,9 @@ export default class MetamaskController extends EventEmitter {
|
|||||||
markPasswordForgotten: this.markPasswordForgotten.bind(this),
|
markPasswordForgotten: this.markPasswordForgotten.bind(this),
|
||||||
unMarkPasswordForgotten: this.unMarkPasswordForgotten.bind(this),
|
unMarkPasswordForgotten: this.unMarkPasswordForgotten.bind(this),
|
||||||
buyEth: this.buyEth.bind(this),
|
buyEth: this.buyEth.bind(this),
|
||||||
|
safelistPhishingDomain: this.safelistPhishingDomain.bind(this),
|
||||||
|
getRequestAccountTabIds: (cb) => cb(null, this.getRequestAccountTabIds()),
|
||||||
|
getOpenMetamaskTabsIds: (cb) => cb(null, this.getOpenMetamaskTabsIds()),
|
||||||
|
|
||||||
// primary HD keyring management
|
// primary HD keyring management
|
||||||
addNewAccount: nodeify(this.addNewAccount, this),
|
addNewAccount: nodeify(this.addNewAccount, this),
|
||||||
@ -494,9 +497,6 @@ export default class MetamaskController extends EventEmitter {
|
|||||||
completeOnboarding: nodeify(preferencesController.completeOnboarding, preferencesController),
|
completeOnboarding: nodeify(preferencesController.completeOnboarding, preferencesController),
|
||||||
addKnownMethodData: nodeify(preferencesController.addKnownMethodData, preferencesController),
|
addKnownMethodData: nodeify(preferencesController.addKnownMethodData, preferencesController),
|
||||||
|
|
||||||
// BlacklistController
|
|
||||||
whitelistPhishingDomain: this.whitelistPhishingDomain.bind(this),
|
|
||||||
|
|
||||||
// AddressController
|
// AddressController
|
||||||
setAddressBook: nodeify(this.addressBookController.set, this.addressBookController),
|
setAddressBook: nodeify(this.addressBookController.set, this.addressBookController),
|
||||||
removeFromAddressBook: this.addressBookController.delete.bind(this.addressBookController),
|
removeFromAddressBook: this.addressBookController.delete.bind(this.addressBookController),
|
||||||
@ -572,9 +572,6 @@ export default class MetamaskController extends EventEmitter {
|
|||||||
addPermittedAccount: nodeify(permissionsController.addPermittedAccount, permissionsController),
|
addPermittedAccount: nodeify(permissionsController.addPermittedAccount, permissionsController),
|
||||||
removePermittedAccount: nodeify(permissionsController.removePermittedAccount, permissionsController),
|
removePermittedAccount: nodeify(permissionsController.removePermittedAccount, permissionsController),
|
||||||
requestAccountsPermission: nodeify(permissionsController.requestAccountsPermission, permissionsController),
|
requestAccountsPermission: nodeify(permissionsController.requestAccountsPermission, permissionsController),
|
||||||
|
|
||||||
getRequestAccountTabIds: (cb) => cb(null, this.getRequestAccountTabIds()),
|
|
||||||
getOpenMetamaskTabsIds: (cb) => cb(null, this.getOpenMetamaskTabsIds()),
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1446,7 +1443,7 @@ export default class MetamaskController extends EventEmitter {
|
|||||||
setupUntrustedCommunication (connectionStream, sender) {
|
setupUntrustedCommunication (connectionStream, sender) {
|
||||||
const { usePhishDetect } = this.preferencesController.store.getState()
|
const { usePhishDetect } = this.preferencesController.store.getState()
|
||||||
const hostname = (new URL(sender.url)).hostname
|
const hostname = (new URL(sender.url)).hostname
|
||||||
// Check if new connection is blacklisted if phishing detection is on
|
// Check if new connection is blocked if phishing detection is on
|
||||||
if (usePhishDetect && this.phishingController.test(hostname)) {
|
if (usePhishDetect && this.phishingController.test(hostname)) {
|
||||||
log.debug('MetaMask - sending phishing warning for', hostname)
|
log.debug('MetaMask - sending phishing warning for', hostname)
|
||||||
this.sendPhishingWarning(connectionStream, hostname)
|
this.sendPhishingWarning(connectionStream, hostname)
|
||||||
@ -2043,10 +2040,10 @@ export default class MetamaskController extends EventEmitter {
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Adds a domain to the PhishingController whitelist
|
* Adds a domain to the PhishingController safelist
|
||||||
* @param {string} hostname - the domain to whitelist
|
* @param {string} hostname - the domain to safelist
|
||||||
*/
|
*/
|
||||||
whitelistPhishingDomain (hostname) {
|
safelistPhishingDomain (hostname) {
|
||||||
return this.phishingController.bypass(hostname)
|
return this.phishingController.bypass(hostname)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -27,7 +27,7 @@ function start () {
|
|||||||
|
|
||||||
const continueLink = document.getElementById('unsafe-continue')
|
const continueLink = document.getElementById('unsafe-continue')
|
||||||
continueLink.addEventListener('click', () => {
|
continueLink.addEventListener('click', () => {
|
||||||
metaMaskController.whitelistPhishingDomain(suspect.hostname)
|
metaMaskController.safelistPhishingDomain(suspect.hostname)
|
||||||
window.location.href = suspect.href
|
window.location.href = suspect.href
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
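Review bot: The click handler safelists `suspect.hostname` and then navigates to `suspect.href` with no validation visible in this hunk; where `suspect` is built lies outside it. If the two values come from separate untrusted fields (for example, parameters in the warning page's own URL), they can disagree, and `href` could carry a non-web scheme. Deriving both from a single parsed URL and rejecting anything that is not `http:` or `https:` before calling `safelistPhishingDomain` closes that gap, e.g. `const target = new URL(suspect.href)` and `if (!['http:', 'https:'].includes(target.protocol)) return`, then using `target.hostname` and `target.href`.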
@ -1,9 +1,9 @@
|
|||||||
import { strict as assert } from 'assert'
|
import { strict as assert } from 'assert'
|
||||||
import { throwIfAccountIsBlacklisted } from '../../../../../app/scripts/controllers/transactions/lib/recipient-blacklist-checker'
|
import { throwIfAccountIsBlocked } from '../../../../../app/scripts/controllers/transactions/lib/recipient-blocklist-checker'
|
||||||
import { ROPSTEN_NETWORK_ID, RINKEBY_NETWORK_ID, KOVAN_NETWORK_ID, GOERLI_NETWORK_ID } from '../../../../../app/scripts/controllers/network/enums'
|
import { ROPSTEN_NETWORK_ID, RINKEBY_NETWORK_ID, KOVAN_NETWORK_ID, GOERLI_NETWORK_ID } from '../../../../../app/scripts/controllers/network/enums'
|
||||||
|
|
||||||
describe('Recipient Blacklist Checker', function () {
|
describe('Recipient Blocklist Checker', function () {
|
||||||
describe('#throwIfAccountIsBlacklisted', function () {
|
describe('#throwIfAccountIsBlocked', function () {
|
||||||
// Accounts from Ganache's original default seed phrase
|
// Accounts from Ganache's original default seed phrase
|
||||||
const publicAccounts = [
|
const publicAccounts = [
|
||||||
'0x627306090abab3a6e1400e9345bc60c78a8bef57',
|
'0x627306090abab3a6e1400e9345bc60c78a8bef57',
|
||||||
@ -22,7 +22,7 @@ describe('Recipient Blacklist Checker', function () {
|
|||||||
const networks = [ROPSTEN_NETWORK_ID, RINKEBY_NETWORK_ID, KOVAN_NETWORK_ID, GOERLI_NETWORK_ID]
|
const networks = [ROPSTEN_NETWORK_ID, RINKEBY_NETWORK_ID, KOVAN_NETWORK_ID, GOERLI_NETWORK_ID]
|
||||||
for (const networkId of networks) {
|
for (const networkId of networks) {
|
||||||
for (const account of publicAccounts) {
|
for (const account of publicAccounts) {
|
||||||
assert.doesNotThrow(() => throwIfAccountIsBlacklisted(networkId, account))
|
assert.doesNotThrow(() => throwIfAccountIsBlocked(networkId, account))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
@ -30,7 +30,7 @@ describe('Recipient Blacklist Checker', function () {
|
|||||||
it('fails on mainnet', function () {
|
it('fails on mainnet', function () {
|
||||||
for (const account of publicAccounts) {
|
for (const account of publicAccounts) {
|
||||||
assert.throws(
|
assert.throws(
|
||||||
() => throwIfAccountIsBlacklisted(1, account),
|
() => throwIfAccountIsBlocked(1, account),
|
||||||
{ message: 'Recipient is a public account' },
|
{ message: 'Recipient is a public account' },
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
@ -38,14 +38,14 @@ describe('Recipient Blacklist Checker', function () {
|
|||||||
|
|
||||||
it('fails for public account - uppercase', function () {
|
it('fails for public account - uppercase', function () {
|
||||||
assert.throws(
|
assert.throws(
|
||||||
() => throwIfAccountIsBlacklisted(1, '0X0D1D4E623D10F9FBA5DB95830F7D3839406C6AF2'),
|
() => throwIfAccountIsBlocked(1, '0X0D1D4E623D10F9FBA5DB95830F7D3839406C6AF2'),
|
||||||
{ message: 'Recipient is a public account' },
|
{ message: 'Recipient is a public account' },
|
||||||
)
|
)
|
||||||
})
|
})
|
||||||
|
|
||||||
it('fails for public account - lowercase', function () {
|
it('fails for public account - lowercase', function () {
|
||||||
assert.throws(
|
assert.throws(
|
||||||
() => throwIfAccountIsBlacklisted(1, '0x0d1d4e623d10f9fba5db95830f7d3839406c6af2'),
|
() => throwIfAccountIsBlocked(1, '0x0d1d4e623d10f9fba5db95830f7d3839406c6af2'),
|
||||||
{ message: 'Recipient is a public account' },
|
{ message: 'Recipient is a public account' },
|
||||||
)
|
)
|
||||||
})
|
})
|