From 8b1726cc550d4a5b142a2a525ce6b94713dc04e0 Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Wed, 26 Jul 2017 16:30:54 -0700 Subject: [PATCH] Live update blacklist from Infura --- CHANGELOG.md | 2 ++ app/manifest.json | 9 +++++++-- app/scripts/background.js | 14 ++++++-------- app/scripts/blacklister.js | 4 +--- app/scripts/inpage.js | 1 + 5 files changed, 17 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c5f727586..ba8bdd16c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## Current Master +- Continuously update blacklist for known phishing sites in background. + ## 3.9.2 2017-7-26 - Fix bugs that could sometimes result in failed transactions after switching networks. diff --git a/app/manifest.json b/app/manifest.json index 55e1eb5b1..edc4d7162 100644 --- a/app/manifest.json +++ b/app/manifest.json @@ -55,8 +55,13 @@ }, { "run_at": "document_start", - "matches": ["http://*/*", "https://*/*"], - "js": ["scripts/blacklister.js"] + "matches": [ + "file://*/*", + "http://*/*", + "https://*/*" + ], + "js": ["scripts/blacklister.js"], + "all_frames": true } ], "permissions": [ diff --git a/app/scripts/background.js b/app/scripts/background.js index c9505b237..01bb39186 100644 --- a/app/scripts/background.js +++ b/app/scripts/background.js @@ -91,7 +91,7 @@ function setupController (initState) { extension.runtime.onConnect.addListener(connectRemote) function connectRemote (remotePort) { if (remotePort.name === 'blacklister') { - return setupBlacklist(connectRemote) + return checkBlacklist(remotePort) } var isMetaMaskInternalProcess = remotePort.name === 'popup' || remotePort.name === 'notification' @@ -140,25 +140,23 @@ function setupController (initState) { } // Listen for new pages and return if blacklisted: -function setupBlacklist (port) { - console.log('Blacklist connection established') - const handler = handleNewPageLoad.bind(port) +function checkBlacklist (port) { + const handler = handleNewPageLoad.bind(null, port) port.onMessage.addListener(handler) setTimeout(() => { port.onMessage.removeListener(handler) }, 30000) } -function handleNewPageLoad (message) { +function handleNewPageLoad (port, message) { const { pageLoaded } = message - console.log('blaclist message received', message.pageLoaded) if (!pageLoaded || !global.metamaskController) return const state = global.metamaskController.getState() - const { blacklist } = state.metamask + const { blacklist } = state if (blacklist && blacklist.includes(pageLoaded)) { - this.postMessage({ 'blacklist': pageLoaded }) + port.postMessage({ 'blacklist': pageLoaded }) } } diff --git a/app/scripts/blacklister.js b/app/scripts/blacklister.js index f5572c11a..37751b595 100644 --- a/app/scripts/blacklister.js +++ b/app/scripts/blacklister.js @@ -1,13 +1,11 @@ const extension = require('extensionizer') -console.log('blacklister content script loaded.') -const port = extension.runtime.connect({ name: 'blacklister' }) +var port = extension.runtime.connect({name: 'blacklister'}) port.postMessage({ 'pageLoaded': window.location.hostname }) port.onMessage.addListener(redirectIfBlacklisted) function redirectIfBlacklisted (response) { const { blacklist } = response - console.log('blacklister contentscript received blacklist response') const host = window.location.hostname if (blacklist && blacklist === host) { window.location.href = 'https://metamask.io/phishing.html' diff --git a/app/scripts/inpage.js b/app/scripts/inpage.js index ec764535e..9e98c044b 100644 --- a/app/scripts/inpage.js +++ b/app/scripts/inpage.js @@ -65,3 +65,4 @@ function restoreContextAfterImports () { console.warn('MetaMask - global.define could not be overwritten.') } } +