1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00

Replace blacklist/whitelist with blocklist/safelist (#8765)

* blacklist -> blocklist; whitelist -> safelist

* blocklisted -> blocked

Co-authored-by: Erik Marks <rekmarks@protonmail.com>
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
This commit is contained in:
Erik Marks 2020-06-08 19:00:41 -07:00 committed by GitHub
commit 2873053d45
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 48 additions and 51 deletions

View File

@ -319,7 +319,7 @@ function setupController (initState, initLangCode) {
[ENVIRONMENT_TYPE_FULLSCREEN]: true,
}
const metamaskBlacklistedPorts = [
const metamaskBlockedPorts = [
'trezor-connect',
]
@ -343,7 +343,7 @@ function setupController (initState, initLangCode) {
const processName = remotePort.name
const isMetaMaskInternalProcess = metamaskInternalProcessHash[processName]
if (metamaskBlacklistedPorts.includes(remotePort.name)) {
if (metamaskBlockedPorts.includes(remotePort.name)) {
return false
}

View File

@ -127,7 +127,7 @@ function logStreamDisconnectWarning (remoteLabel, err) {
*/
function shouldInjectProvider () {
return doctypeCheck() && suffixCheck() &&
documentElementCheck() && !blacklistedDomainCheck()
documentElementCheck() && !blockedDomainCheck()
}
/**
@ -181,12 +181,12 @@ function documentElementCheck () {
}
/**
* Checks if the current domain is blacklisted
* Checks if the current domain is blocked
*
* @returns {boolean} {@code true} - if the current domain is blacklisted
* @returns {boolean} {@code true} - if the current domain is blocked
*/
function blacklistedDomainCheck () {
const blacklistedDomains = [
function blockedDomainCheck () {
const blockedDomains = [
'uscourts.gov',
'dropbox.com',
'webbyawards.com',
@ -200,9 +200,9 @@ function blacklistedDomainCheck () {
]
const currentUrl = window.location.href
let currentRegex
for (let i = 0; i < blacklistedDomains.length; i++) {
const blacklistedDomain = blacklistedDomains[i].replace('.', '\\.')
currentRegex = new RegExp(`(?:https?:\\/\\/)(?:(?!${blacklistedDomain}).)*$`)
for (let i = 0; i < blockedDomains.length; i++) {
const blockedDomain = blockedDomains[i].replace('.', '\\.')
currentRegex = new RegExp(`(?:https?:\\/\\/)(?:(?!${blockedDomain}).)*$`)
if (!currentRegex.test(currentUrl)) {
return true
}

View File

@ -25,7 +25,7 @@ import NonceTracker from 'nonce-tracker'
import * as txUtils from './lib/util'
import cleanErrorStack from '../../lib/cleanErrorStack'
import log from 'loglevel'
import { throwIfAccountIsBlacklisted } from './lib/recipient-blacklist-checker'
import { throwIfAccountIsBlocked } from './lib/recipient-blocklist-checker'
import {
TRANSACTION_TYPE_CANCEL,
@ -241,7 +241,7 @@ export default class TransactionController extends EventEmitter {
this.emit('newUnapprovedTx', txMeta)
try {
throwIfAccountIsBlacklisted(txMeta.metamaskNetworkId, normalizedTxParams.to)
throwIfAccountIsBlocked(txMeta.metamaskNetworkId, normalizedTxParams.to)
txMeta = await this.addTxGasDefaults(txMeta, getCodeResponse)
} catch (error) {
log.warn(error)

View File

@ -1,19 +0,0 @@
import blacklist from './recipient-blacklist'
/**
* Checks if a specified account on a specified network is blacklisted
* @param {number} networkId
* @param {string} account
* @throws {Error} if the account is blacklisted on mainnet
*/
export function throwIfAccountIsBlacklisted (networkId, account) {
const mainnetId = 1
if (networkId !== mainnetId) {
return
}
const accountToCheck = account.toLowerCase()
if (blacklist.includes(accountToCheck)) {
throw new Error('Recipient is a public account')
}
}

View File

@ -0,0 +1,19 @@
import blocklist from './recipient-blocklist'
/**
* Checks if a specified account on a specified network is blocked
* @param {number} networkId
* @param {string} account
* @throws {Error} if the account is blocked on mainnet
*/
export function throwIfAccountIsBlocked (networkId, account) {
const mainnetId = 1
if (networkId !== mainnetId) {
return
}
const accountToCheck = account.toLowerCase()
if (blocklist.includes(accountToCheck)) {
throw new Error('Recipient is a public account')
}
}

View File

@ -1,4 +1,4 @@
const blacklist = [
const blocklist = [
// IDEX phisher
'0x9bcb0A9d99d815Bb87ee3191b1399b1Bcc46dc77',
// Ganache default seed phrases
@ -14,4 +14,4 @@ const blacklist = [
'0x5aeda56215b167893e80b4fe645ba6d5bab767de',
]
export default blacklist
export default blocklist

View File

@ -457,6 +457,9 @@ export default class MetamaskController extends EventEmitter {
markPasswordForgotten: this.markPasswordForgotten.bind(this),
unMarkPasswordForgotten: this.unMarkPasswordForgotten.bind(this),
buyEth: this.buyEth.bind(this),
safelistPhishingDomain: this.safelistPhishingDomain.bind(this),
getRequestAccountTabIds: (cb) => cb(null, this.getRequestAccountTabIds()),
getOpenMetamaskTabsIds: (cb) => cb(null, this.getOpenMetamaskTabsIds()),
// primary HD keyring management
addNewAccount: nodeify(this.addNewAccount, this),
@ -494,9 +497,6 @@ export default class MetamaskController extends EventEmitter {
completeOnboarding: nodeify(preferencesController.completeOnboarding, preferencesController),
addKnownMethodData: nodeify(preferencesController.addKnownMethodData, preferencesController),
// BlacklistController
whitelistPhishingDomain: this.whitelistPhishingDomain.bind(this),
// AddressController
setAddressBook: nodeify(this.addressBookController.set, this.addressBookController),
removeFromAddressBook: this.addressBookController.delete.bind(this.addressBookController),
@ -572,9 +572,6 @@ export default class MetamaskController extends EventEmitter {
addPermittedAccount: nodeify(permissionsController.addPermittedAccount, permissionsController),
removePermittedAccount: nodeify(permissionsController.removePermittedAccount, permissionsController),
requestAccountsPermission: nodeify(permissionsController.requestAccountsPermission, permissionsController),
getRequestAccountTabIds: (cb) => cb(null, this.getRequestAccountTabIds()),
getOpenMetamaskTabsIds: (cb) => cb(null, this.getOpenMetamaskTabsIds()),
}
}
@ -1446,7 +1443,7 @@ export default class MetamaskController extends EventEmitter {
setupUntrustedCommunication (connectionStream, sender) {
const { usePhishDetect } = this.preferencesController.store.getState()
const hostname = (new URL(sender.url)).hostname
// Check if new connection is blacklisted if phishing detection is on
// Check if new connection is blocked if phishing detection is on
if (usePhishDetect && this.phishingController.test(hostname)) {
log.debug('MetaMask - sending phishing warning for', hostname)
this.sendPhishingWarning(connectionStream, hostname)
@ -2043,10 +2040,10 @@ export default class MetamaskController extends EventEmitter {
*/
/**
* Adds a domain to the PhishingController whitelist
* @param {string} hostname - the domain to whitelist
* Adds a domain to the PhishingController safelist
* @param {string} hostname - the domain to safelist
*/
whitelistPhishingDomain (hostname) {
safelistPhishingDomain (hostname) {
return this.phishingController.bypass(hostname)
}

View File

@ -27,7 +27,7 @@ function start () {
const continueLink = document.getElementById('unsafe-continue')
continueLink.addEventListener('click', () => {
metaMaskController.whitelistPhishingDomain(suspect.hostname)
metaMaskController.safelistPhishingDomain(suspect.hostname)
window.location.href = suspect.href
})
})

View File

@ -1,9 +1,9 @@
import { strict as assert } from 'assert'
import { throwIfAccountIsBlacklisted } from '../../../../../app/scripts/controllers/transactions/lib/recipient-blacklist-checker'
import { throwIfAccountIsBlocked } from '../../../../../app/scripts/controllers/transactions/lib/recipient-blocklist-checker'
import { ROPSTEN_NETWORK_ID, RINKEBY_NETWORK_ID, KOVAN_NETWORK_ID, GOERLI_NETWORK_ID } from '../../../../../app/scripts/controllers/network/enums'
describe('Recipient Blacklist Checker', function () {
describe('#throwIfAccountIsBlacklisted', function () {
describe('Recipient Blocklist Checker', function () {
describe('#throwIfAccountIsBlocked', function () {
// Accounts from Ganache's original default seed phrase
const publicAccounts = [
'0x627306090abab3a6e1400e9345bc60c78a8bef57',
@ -22,7 +22,7 @@ describe('Recipient Blacklist Checker', function () {
const networks = [ROPSTEN_NETWORK_ID, RINKEBY_NETWORK_ID, KOVAN_NETWORK_ID, GOERLI_NETWORK_ID]
for (const networkId of networks) {
for (const account of publicAccounts) {
assert.doesNotThrow(() => throwIfAccountIsBlacklisted(networkId, account))
assert.doesNotThrow(() => throwIfAccountIsBlocked(networkId, account))
}
}
})
@ -30,7 +30,7 @@ describe('Recipient Blacklist Checker', function () {
it('fails on mainnet', function () {
for (const account of publicAccounts) {
assert.throws(
() => throwIfAccountIsBlacklisted(1, account),
() => throwIfAccountIsBlocked(1, account),
{ message: 'Recipient is a public account' },
)
}
@ -38,14 +38,14 @@ describe('Recipient Blacklist Checker', function () {
it('fails for public account - uppercase', function () {
assert.throws(
() => throwIfAccountIsBlacklisted(1, '0X0D1D4E623D10F9FBA5DB95830F7D3839406C6AF2'),
() => throwIfAccountIsBlocked(1, '0X0D1D4E623D10F9FBA5DB95830F7D3839406C6AF2'),
{ message: 'Recipient is a public account' },
)
})
it('fails for public account - lowercase', function () {
assert.throws(
() => throwIfAccountIsBlacklisted(1, '0x0d1d4e623d10f9fba5db95830f7d3839406c6af2'),
() => throwIfAccountIsBlocked(1, '0x0d1d4e623d10f9fba5db95830f7d3839406c6af2'),
{ message: 'Recipient is a public account' },
)
})