Add ability to whitelist a blacklisted domain at runtime

2024-12-23 09:52:26 +01:00 · 2018-10-01 20:28:46 -02:30 · 2018-10-01 20:28:46 -02:30 · 4dd6c8168f
commit 4dd6c8168f
parent 343ae7c143
2 changed files with 37 additions and 0 deletions
--- a/app/scripts/controllers/blacklist.js
+++ b/app/scripts/controllers/blacklist.js
@ -29,6 +29,7 @@ class BlacklistController {
  constructor (opts = {}) {
    const initState = extend({
      phishing: PHISHING_DETECTION_CONFIG,
+      whitelist: [],
    }, opts.initState)
    this.store = new ObservableStore(initState)
    // phishing detector
@ -38,6 +39,21 @@ class BlacklistController {
    this._phishingUpdateIntervalRef = null
  }

+  /**
+   * Adds the given hostname to the runtime whitelist
+   * @param {string} hostname the hostname to whitelist
+   */
+  whitelistDomain (hostname) {
+    if (!hostname) {
+      return
+    }
+
+    const { whitelist } = this.store.getState()
+    this.store.updateState({
+      whitelist: [...new Set([hostname, ...whitelist])],
+    })
+  }
+
  /**
   * Given a url, returns the result of checking if that url is in the store.phishing blacklist
   *
@ -48,6 +64,12 @@ class BlacklistController {
   */
  checkForPhishing (hostname) {
    if (!hostname) return false
+
+    const { whitelist } = this.store.getState()
+    if (whitelist.some((e) => e === hostname)) {
+      return false
+    }
+
    const { result } = this._phishingDetector.check(hostname)
    return result
  }
--- a/test/unit/app/controllers/blacklist-controller-test.js
+++ b/test/unit/app/controllers/blacklist-controller-test.js
@ -8,6 +8,16 @@ describe('blacklist controller', function () {
    blacklistController = new BlacklistController()
  })

+  describe('whitelistDomain', function () {
+    it('should add hostname to the runtime whitelist', function () {
+      blacklistController.whitelistDomain('foo.com')
+      assert.deepEqual(blacklistController.store.getState().whitelist, ['foo.com'])
+
+      blacklistController.whitelistDomain('bar.com')
+      assert.deepEqual(blacklistController.store.getState().whitelist, ['bar.com', 'foo.com'])
+    })
+  })
+
  describe('checkForPhishing', function () {
    it('should not flag whitelisted values', function () {
      const result = blacklistController.checkForPhishing('www.metamask.io')
@ -37,5 +47,10 @@ describe('blacklist controller', function () {
      const result = blacklistController.checkForPhishing('zero-faucet.metamask.io')
      assert.equal(result, false)
    })
+    it('should not flag whitelisted domain', function () {
+      blacklistController.whitelistDomain('metamask.com')
+      const result = blacklistController.checkForPhishing('metamask.com')
+      assert.equal(result, false)
+    })
  })
 })