mirror of
https://github.com/kremalicious/metamask-extension.git
synced 2024-11-22 09:57:02 +01:00
Inject Script: Blacklist domains where not to inject script
Put a blacklist domain check where if the page url is in the list of blacklisted domains, we shouldn't inject script in that web page.
This commit is contained in:
parent
e2efc91aee
commit
6174c00c10
@ -96,7 +96,8 @@ function logStreamDisconnectWarning (remoteLabel, err) {
|
||||
}
|
||||
|
||||
function shouldInjectWeb3 () {
|
||||
return doctypeCheck() && suffixCheck() && documentElementCheck()
|
||||
return doctypeCheck() && suffixCheck()
|
||||
&& documentElementCheck() && !blacklistedDomainCheck()
|
||||
}
|
||||
|
||||
function doctypeCheck () {
|
||||
@ -129,6 +130,20 @@ function documentElementCheck () {
|
||||
return true
|
||||
}
|
||||
|
||||
function blacklistedDomainCheck () {
|
||||
var blacklistedDomains = ['uscourts.gov', 'dropbox.com']
|
||||
var currentUrl = window.location.href
|
||||
var currentRegex
|
||||
for (let i = 0; i < blacklistedDomains.length; i++) {
|
||||
const blacklistedDomain = blacklistedDomains[i].replace('.', '\\.')
|
||||
currentRegex = new RegExp(`(?:https?:\\/\\/)(?:(?!${blacklistedDomain}).)*$`)
|
||||
if (!currentRegex.test(currentUrl)) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
function redirectToPhishingWarning () {
|
||||
console.log('MetaMask - redirecting to phishing warning')
|
||||
window.location.href = 'https://metamask.io/phishing.html'
|
||||
|
Loading…
Reference in New Issue
Block a user