1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00

Merge pull request #5689 from MetaMask/reject-cached-approval

EIP-1102: Clear approvals on rejection
This commit is contained in:
Bruno Barbieri 2018-11-07 01:21:33 +01:00 committed by GitHub
commit 68138e178e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 33 additions and 13 deletions

View File

@ -37,8 +37,10 @@ function injectScript (content) {
try {
const container = document.head || document.documentElement
const scriptTag = document.createElement('script')
scriptTag.setAttribute('async', false)
scriptTag.textContent = content
container.insertBefore(scriptTag, container.children[0])
container.removeChild(scriptTag)
} catch (e) {
console.error('MetaMask script injection failed', e)
}

View File

@ -54,7 +54,7 @@ class ProviderApprovalController {
_handleProviderRequest (origin, siteTitle, siteImage, force) {
this.store.updateState({ providerRequests: [{ origin, siteTitle, siteImage }] })
const isUnlocked = this.keyringController.memStore.getState().isUnlocked
if (!force && this.isApproved(origin) && this.caching && isUnlocked) {
if (!force && this.approvedOrigins[origin] && this.caching && isUnlocked) {
this.approveProviderRequest(origin)
return
}
@ -67,9 +67,11 @@ class ProviderApprovalController {
* @param {string} origin - Origin of the window
*/
_handleIsApproved (origin) {
const isApproved = this.isApproved(origin) && this.caching
const caching = this.caching
this.platform && this.platform.sendMessage({ action: 'answer-is-approved', isApproved, caching }, { active: true })
this.platform && this.platform.sendMessage({
action: 'answer-is-approved',
isApproved: this.approvedOrigins[origin] && this.caching,
caching: this.caching,
}, { active: true })
}
/**
@ -117,6 +119,7 @@ class ProviderApprovalController {
this.platform && this.platform.sendMessage({ action: 'reject-provider-request' }, { active: true })
const providerRequests = requests.filter(request => request.origin !== origin)
this.store.updateState({ providerRequests })
delete this.approvedOrigins[origin]
}
/**
@ -127,12 +130,12 @@ class ProviderApprovalController {
}
/**
* Determines if a given origin has been approved
* Determines if a given origin should have accounts exposed
*
* @param {string} origin - Domain origin to check for approval status
* @returns {boolean} - True if the origin has been approved
*/
isApproved (origin) {
shouldExposeAccounts (origin) {
const privacyMode = this.preferencesController.getFeatureFlags().privacyMode
return !privacyMode || this.approvedOrigins[origin]
}

View File

@ -277,8 +277,8 @@ module.exports = class MetamaskController extends EventEmitter {
getAccounts: async ({ origin }) => {
// Expose no accounts if this origin has not been approved, preventing
// account-requring RPC methods from completing successfully
const isApproved = this.providerApprovalController.isApproved(origin)
if (origin !== 'MetaMask' && !isApproved) { return [] }
const exposeAccounts = this.providerApprovalController.shouldExposeAccounts(origin)
if (origin !== 'MetaMask' && !exposeAccounts) { return [] }
const isUnlocked = this.keyringController.memStore.getState().isUnlocked
const selectedAddress = this.preferencesController.getSelectedAddress()
// only show address if account is unlocked

View File

@ -19,6 +19,7 @@ const {
openNewPage,
verboseReportOnFailure,
waitUntilXWindowHandles,
switchToWindowWithTitle,
} = require('./helpers')
describe('MetaMask', function () {
@ -266,18 +267,32 @@ describe('MetaMask', function () {
})
describe('Drizzle', () => {
it('should be able to detect our eth address', async () => {
let windowHandles
let extension
let popup
let dapp
it('be able to connect the account', async () => {
await openNewPage(driver, 'http://127.0.0.1:3000/')
await delay(regularDelayMs)
await waitUntilXWindowHandles(driver, 2)
const windowHandles = await driver.getAllWindowHandles()
const dapp = windowHandles[1]
await waitUntilXWindowHandles(driver, 3)
windowHandles = await driver.getAllWindowHandles()
extension = windowHandles[0]
popup = await switchToWindowWithTitle(driver, 'MetaMask Notification', windowHandles)
dapp = windowHandles.find(handle => handle !== extension && handle !== popup)
await delay(regularDelayMs)
const approveButton = await findElement(driver, By.xpath(`//button[contains(text(), 'Connect')]`))
await approveButton.click()
})
it('should be able to detect our eth address', async () => {
// Check if address exposed
await driver.switchTo().window(dapp)
await delay(regularDelayMs)
const addressElement = await findElement(driver, By.css(`.pure-u-1-1 h4`))
const addressText = await addressElement.getText()
assert(addressText.match(/^0x[a-fA-F0-9]{40}$/))