1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-23 02:10:12 +01:00

Ensure permission log will only store JSON-able data (#10524)

This commit is contained in:
Erik Marks 2021-03-10 11:50:06 -08:00 committed by GitHub
parent 9339278d3c
commit a29fc51838
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 8 additions and 12 deletions

View File

@ -1,4 +1,4 @@
import { cloneDeep } from 'lodash'; import stringify from 'fast-safe-stringify';
import { CAVEAT_NAMES } from '../../../../shared/constants/permissions'; import { CAVEAT_NAMES } from '../../../../shared/constants/permissions';
import { import {
HISTORY_STORE_KEY, HISTORY_STORE_KEY,
@ -151,7 +151,7 @@ export default class PermissionsLogController {
? LOG_METHOD_TYPES.internal ? LOG_METHOD_TYPES.internal
: LOG_METHOD_TYPES.restricted, : LOG_METHOD_TYPES.restricted,
origin: request.origin, origin: request.origin,
request: cloneDeep(request), request: stringify(request, null, 2),
requestTime: Date.now(), requestTime: Date.now(),
response: null, response: null,
responseTime: null, responseTime: null,
@ -174,7 +174,7 @@ export default class PermissionsLogController {
return; return;
} }
entry.response = cloneDeep(response); entry.response = stringify(response, null, 2);
entry.responseTime = time; entry.responseTime = time;
entry.success = !response.error; entry.success = !response.error;
} }

View File

@ -134,6 +134,7 @@
"extension-port-stream": "^2.0.0", "extension-port-stream": "^2.0.0",
"extensionizer": "^1.0.1", "extensionizer": "^1.0.1",
"fast-json-patch": "^2.0.4", "fast-json-patch": "^2.0.4",
"fast-safe-stringify": "^2.0.7",
"fuse.js": "^3.2.0", "fuse.js": "^3.2.0",
"globalthis": "^1.0.1", "globalthis": "^1.0.1",
"human-standard-token-abi": "^2.0.0", "human-standard-token-abi": "^2.0.0",
@ -175,7 +176,6 @@
"reselect": "^3.0.1", "reselect": "^3.0.1",
"rpc-cap": "^3.2.1", "rpc-cap": "^3.2.1",
"safe-event-emitter": "^1.0.1", "safe-event-emitter": "^1.0.1",
"safe-json-stringify": "^1.2.0",
"single-call-balance-checker-abi": "^1.0.0", "single-call-balance-checker-abi": "^1.0.0",
"swappable-obj-proxy": "^1.1.0", "swappable-obj-proxy": "^1.1.0",
"textarea-caret": "^3.0.1", "textarea-caret": "^3.0.1",

View File

@ -1,4 +1,5 @@
import { strict as assert } from 'assert'; import { strict as assert } from 'assert';
import stringify from 'fast-safe-stringify';
import { noop } from './mocks'; import { noop } from './mocks';
@ -84,9 +85,9 @@ function _validateActivityEntry(entry, req, res, methodType, success) {
assert.equal(entry.method, req.method); assert.equal(entry.method, req.method);
assert.equal(entry.origin, req.origin); assert.equal(entry.origin, req.origin);
assert.equal(entry.methodType, methodType); assert.equal(entry.methodType, methodType);
assert.deepEqual( assert.equal(
entry.request, entry.request,
req, stringify(req, null, 2),
'entry.request should equal the request', 'entry.request should equal the request',
); );
@ -104,7 +105,7 @@ function _validateActivityEntry(entry, req, res, methodType, success) {
assert.equal(entry.success, success); assert.equal(entry.success, success);
assert.deepEqual( assert.deepEqual(
entry.response, entry.response,
res, stringify(res, null, 2),
'entry.response should equal the response', 'entry.response should equal the response',
); );
} else { } else {

View File

@ -22131,11 +22131,6 @@ safe-json-parse@~1.0.1:
resolved "https://registry.yarnpkg.com/safe-json-parse/-/safe-json-parse-1.0.1.tgz#3e76723e38dfdda13c9b1d29a1e07ffee4b30b57" resolved "https://registry.yarnpkg.com/safe-json-parse/-/safe-json-parse-1.0.1.tgz#3e76723e38dfdda13c9b1d29a1e07ffee4b30b57"
integrity sha1-PnZyPjjf3aE8mx0poeB//uSzC1c= integrity sha1-PnZyPjjf3aE8mx0poeB//uSzC1c=
safe-json-stringify@^1.2.0:
version "1.2.0"
resolved "https://registry.yarnpkg.com/safe-json-stringify/-/safe-json-stringify-1.2.0.tgz#356e44bc98f1f93ce45df14bcd7c01cda86e0afd"
integrity sha512-gH8eh2nZudPQO6TytOvbxnuhYBOvDBBLW52tz5q6X58lJcd/tkmqFR+5Z9adS8aJtURSXWThWy/xJtJwixErvg==
safe-regex@^1.1.0: safe-regex@^1.1.0:
version "1.1.0" version "1.1.0"
resolved "https://registry.yarnpkg.com/safe-regex/-/safe-regex-1.1.0.tgz#40a3669f3b077d1e943d44629e157dd48023bf2e" resolved "https://registry.yarnpkg.com/safe-regex/-/safe-regex-1.1.0.tgz#40a3669f3b077d1e943d44629e157dd48023bf2e"