From c76c9ca2c86317f902f443db2c5704d4bf6311c0 Mon Sep 17 00:00:00 2001 From: bitpshr Date: Thu, 27 Sep 2018 14:19:09 -0400 Subject: [PATCH] EIP-1102: updated implementation --- app/_locales/cs/messages.json | 30 + app/_locales/de/messages.json | 30 + app/_locales/en/messages.json | 30 + app/_locales/es/messages.json | 30 + app/_locales/fr/messages.json | 30 + app/_locales/hn/messages.json | 30 + app/_locales/it/messages.json | 30 + app/_locales/ja/messages.json | 30 + app/_locales/ko/messages.json | 30 + app/_locales/nl/messages.json | 30 + app/_locales/ph/messages.json | 30 + app/_locales/pt/messages.json | 30 + app/_locales/ru/messages.json | 30 + app/_locales/sl/messages.json | 32 + app/_locales/th/messages.json | 30 + app/_locales/tml/messages.json | 30 + app/_locales/tr/messages.json | 30 + app/_locales/vi/messages.json | 30 + app/_locales/zh_CN/messages.json | 30 + app/_locales/zh_TW/messages.json | 30 + app/scripts/background.js | 5 +- app/scripts/contentscript.js | 61 +- app/scripts/controllers/preferences.js | 4 +- app/scripts/controllers/provider-approval.js | 84 + app/scripts/inpage.js | 23 +- app/scripts/metamask-controller.js | 21 +- app/scripts/platforms/extension.js | 12 + old-ui/app/app.js | 10 +- old-ui/app/config.js | 25 + old-ui/app/provider-approval.js | 64 + package-lock.json | 14552 ++++++++-------- test/e2e/beta/contract-test/contract.js | 207 +- test/e2e/beta/helpers.js | 17 + test/e2e/beta/metamask-beta-ui.spec.js | 25 +- test/e2e/metamask.spec.js | 31 +- .../preferences-controller-test.js | 4 +- ui/app/actions.js | 21 + .../clear-approved-origins.component.js | 39 + .../clear-approved-origins.container.js | 16 + .../modals/clear-approved-origins/index.js | 1 + ui/app/components/modals/modal.js | 14 + ui/app/components/page-container/index.scss | 1 + .../components/pages/home/home.component.js | 8 + .../components/pages/home/home.container.js | 2 + .../pages/provider-approval/index.js | 1 + .../provider-approval.component.js | 35 + .../provider-approval.container.js | 12 + .../settings-tab/settings-tab.component.js | 32 + .../settings-tab/settings-tab.container.js | 1 + ui/app/css/itcss/components/pages/index.scss | 2 + .../components/pages/provider-approval.scss | 11 + 51 files changed, 8283 insertions(+), 7660 deletions(-) create mode 100644 app/scripts/controllers/provider-approval.js create mode 100644 old-ui/app/provider-approval.js create mode 100644 ui/app/components/modals/clear-approved-origins/clear-approved-origins.component.js create mode 100644 ui/app/components/modals/clear-approved-origins/clear-approved-origins.container.js create mode 100644 ui/app/components/modals/clear-approved-origins/index.js create mode 100644 ui/app/components/pages/provider-approval/index.js create mode 100644 ui/app/components/pages/provider-approval/provider-approval.component.js create mode 100644 ui/app/components/pages/provider-approval/provider-approval.container.js create mode 100644 ui/app/css/itcss/components/pages/provider-approval.scss diff --git a/app/_locales/cs/messages.json b/app/_locales/cs/messages.json index ae2413ad9..d182a9aff 100644 --- a/app/_locales/cs/messages.json +++ b/app/_locales/cs/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Naozaj chcete vymazať schválené webové stránky?" + }, + "clearApprovalDataSuccess": { + "message": "Schválené údaje webových stránek byly úspěšně zrušeny." + }, + "approvalData": { + "message": "Údaje o schválení" + }, + "approvalDataDescription": { + "message": "Vymažte schválené údaje webových stránek, aby všechny weby znovu požádaly o schválení." + }, + "clearApprovalData": { + "message": "Jasné údaje o schválení" + }, + "approve": { + "message": "Schválit" + }, + "reject": { + "message": "Odmítnout" + }, + "providerAPIRequest": { + "message": "Požadavek API Ethereum" + }, + "reviewProviderRequest": { + "message": "Přečtěte si prosím tuto žádost API Ethereum." + }, + "providerRequestInfo": { + "message": "Níže uvedená doména se pokouší požádat o přístup k API Ethereum, aby mohla komunikovat s blokádou Ethereum. Před schválením přístupu Ethereum vždy zkontrolujte, zda jste na správném místě." + }, "accept": { "message": "Přijmout" }, diff --git a/app/_locales/de/messages.json b/app/_locales/de/messages.json index 9e1eb9eac..0318ee106 100644 --- a/app/_locales/de/messages.json +++ b/app/_locales/de/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Möchten Sie die genehmigten Websites wirklich löschen?" + }, + "clearApprovalDataSuccess": { + "message": "Genehmigte Website-Daten wurden erfolgreich gelöscht." + }, + "approvalData": { + "message": "Genehmigungsdaten" + }, + "approvalDataDescription": { + "message": "Löschen Sie die genehmigten Website-Daten, damit alle Websites erneut eine Genehmigung anfordern müssen." + }, + "clearApprovalData": { + "message": "Genehmigungsdaten löschen" + }, + "approve": { + "message": "Genehmigen" + }, + "reject": { + "message": "Ablehnen" + }, + "providerAPIRequest": { + "message": "Web3-API-Anfrage" + }, + "reviewProviderRequest": { + "message": "Bitte lesen Sie diese Ethereum-API-Anfrage." + }, + "providerRequestInfo": { + "message": "Die unten aufgeführte Domäne versucht, Zugriff auf die Ethereum-API anzufordern, damit sie mit der Ethereum-Blockchain interagieren kann. Überprüfen Sie immer, dass Sie sich auf der richtigen Website befinden, bevor Sie den Web3-Zugriff genehmigen." + }, "accept": { "message": "Annehmen" }, diff --git a/app/_locales/en/messages.json b/app/_locales/en/messages.json index 26d0422cb..8c6ba50aa 100644 --- a/app/_locales/en/messages.json +++ b/app/_locales/en/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Are you sure you want to clear approved websites?" + }, + "clearApprovalDataSuccess": { + "message": "Approved website data cleared successfully." + }, + "approvalData": { + "message": "Approval Data" + }, + "approvalDataDescription": { + "message": "Clear approved website data so all sites must request approval again." + }, + "clearApprovalData": { + "message": "Clear Approval Data" + }, + "approve": { + "message": "Approve" + }, + "reject": { + "message": "Reject" + }, + "providerAPIRequest": { + "message": "Ethereum API Request" + }, + "reviewProviderRequest": { + "message": "Please review this Ethereum API request." + }, + "providerRequestInfo": { + "message": "The domain listed below is requesting access to the Ethereum blockchain and to view your current account. Always double check that you're on the correct site before approving access." + }, "accept": { "message": "Accept" }, diff --git a/app/_locales/es/messages.json b/app/_locales/es/messages.json index be2a29ab5..057be691f 100644 --- a/app/_locales/es/messages.json +++ b/app/_locales/es/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "¿Seguro que quieres borrar los sitios web aprobados?" + }, + "clearApprovalDataSuccess": { + "message": "Los datos aprobados del sitio web se borraron con éxito." + }, + "approvalData": { + "message": "Datos de aprobación" + }, + "approvalDataDescription": { + "message": "Borre los datos del sitio web aprobado para que todos los sitios deban volver a solicitar la aprobación." + }, + "clearApprovalData": { + "message": "Borrar datos de aprobación" + }, + "approve": { + "message": "Aprobar" + }, + "reject": { + "message": "Rechazar" + }, + "providerAPIRequest": { + "message": "Solicitud de API Web3" + }, + "reviewProviderRequest": { + "message": "Por favor, revise esta solicitud API Ethereum." + }, + "providerRequestInfo": { + "message": "El dominio que se muestra a continuación intenta solicitar acceso a la API Ethereum para que pueda interactuar con la cadena de bloques de Ethereum. Siempre verifique que esté en el sitio correcto antes de aprobar el acceso Ethereum." + }, "accept": { "message": "Aceptar" }, diff --git a/app/_locales/fr/messages.json b/app/_locales/fr/messages.json index d418cd9aa..3d5a66653 100644 --- a/app/_locales/fr/messages.json +++ b/app/_locales/fr/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Êtes-vous sûr de vouloir supprimer les sites Web approuvés?" + }, + "clearApprovalDataSuccess": { + "message": "Les données de site Web approuvées ont été supprimées." + }, + "approvalData": { + "message": "Données d'approbation" + }, + "approvalDataDescription": { + "message": "Effacer les données de site Web approuvées afin que tous les sites doivent à nouveau demander l'approbation." + }, + "clearApprovalData": { + "message": "Effacer les données d'approbation" + }, + "approve": { + "message": "Approuver" + }, + "reject": { + "message": "Rejeter" + }, + "providerAPIRequest": { + "message": "Demande d'API Web3" + }, + "reviewProviderRequest": { + "message": "Veuillez consulter cette demande d'API Ethereum." + }, + "providerRequestInfo": { + "message": "Le domaine répertorié ci-dessous tente de demander l'accès à l'API Ethereum pour pouvoir interagir avec la chaîne de blocs Ethereum. Vérifiez toujours que vous êtes sur le bon site avant d'autoriser l'accès à Ethereum." + }, "accept": { "message": "Accepter" }, diff --git a/app/_locales/hn/messages.json b/app/_locales/hn/messages.json index b869560e5..d24944d60 100644 --- a/app/_locales/hn/messages.json +++ b/app/_locales/hn/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "क्या आप वाकई अनुमोदित वेबसाइटों को साफ़ करना चाहते हैं?" + }, + "clearApprovalDataSuccess": { + "message": "स्वीकृत वेबसाइट डेटा सफलतापूर्वक मंजूरी दे दी।" + }, + "approvalData": { + "message": "स्वीकृति डेटा" + }, + "approvalDataDescription": { + "message": "अनुमोदित वेबसाइट डेटा साफ़ करें ताकि सभी साइटों को फिर से अनुमोदन का अनुरोध करना होगा।" + }, + "clearApprovalData": { + "message": "अनुमोदन डेटा साफ़ करें" + }, + "approve": { + "message": "मंजूर" + }, + "reject": { + "message": "अस्वीकार" + }, + "providerAPIRequest": { + "message": "वेब 3 एपीआई अनुरोध" + }, + "reviewProviderRequest": { + "message": "कृपया इस वेब 3 एपीआई अनुरोध की समीक्षा करें।" + }, + "providerRequestInfo": { + "message": "नीचे सूचीबद्ध डोमेन वेब 3 एपीआई तक पहुंच का अनुरोध करने का प्रयास कर रहा है ताकि यह एथेरियम ब्लॉकचेन से बातचीत कर सके। वेब 3 एक्सेस को मंजूरी देने से पहले हमेशा सही जांच करें कि आप सही साइट पर हैं।" + }, "accept": { "message": "स्वीकार करें" }, diff --git a/app/_locales/it/messages.json b/app/_locales/it/messages.json index 06e3dc855..fc90c4f43 100644 --- a/app/_locales/it/messages.json +++ b/app/_locales/it/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Sei sicuro di voler cancellare i siti Web approvati?" + }, + "clearApprovalDataSuccess": { + "message": "Dati del sito Web approvati cancellati correttamente." + }, + "approvalData": { + "message": "Dati di approvazione" + }, + "approvalDataDescription": { + "message": "Cancella i dati del sito web approvati, quindi tutti i siti devono richiedere nuovamente l'approvazione." + }, + "clearApprovalData": { + "message": "Cancella i dati di approvazione" + }, + "approve": { + "message": "Approvare" + }, + "reject": { + "message": "Rifiutare" + }, + "providerAPIRequest": { + "message": "Richiesta API Web3" + }, + "reviewProviderRequest": { + "message": "Si prega di rivedere questa richiesta API Ethereum." + }, + "providerRequestInfo": { + "message": "Il dominio elencato di seguito sta tentando di richiedere l'accesso all'API Ethereum in modo che possa interagire con la blockchain di Ethereum. Controlla sempre di essere sul sito corretto prima di approvare l'accesso a Ethereum." + }, "accept": { "message": "Accetta" }, diff --git a/app/_locales/ja/messages.json b/app/_locales/ja/messages.json index 7b25f386a..6e82e65ee 100644 --- a/app/_locales/ja/messages.json +++ b/app/_locales/ja/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "承認されたウェブサイトをクリアしてもよろしいですか?" + }, + "clearApprovalDataSuccess": { + "message": "承認されたウェブサイトデータが正常に消去されました。" + }, + "approvalData": { + "message": "承認データ" + }, + "approvalDataDescription": { + "message": "承認されたウェブサイトのデータをクリアすると、すべてのサイトで承認を再度要求する必要があります" + }, + "clearApprovalData": { + "message": "承認データのクリア" + }, + "approve": { + "message": "承認する" + }, + "reject": { + "message": "拒否" + }, + "providerAPIRequest": { + "message": "Web3 APIリクエスト" + }, + "reviewProviderRequest": { + "message": "このEthereum APIリクエストを確認してください。" + }, + "providerRequestInfo": { + "message": "下記のドメインは、Ethereumブロックチェーンとやり取りできるようにEthereum APIへのアクセスをリクエストしようとしています。 Web3アクセスを承認する前に、正しいサイトにいることを常に確認してください。" + }, "accept": { "message": "承認" }, diff --git a/app/_locales/ko/messages.json b/app/_locales/ko/messages.json index c8d470188..41eab1f77 100644 --- a/app/_locales/ko/messages.json +++ b/app/_locales/ko/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "승인 된 웹 사이트를 삭제 하시겠습니까?" + }, + "clearApprovalDataSuccess": { + "message": "승인 된 웹 사이트 데이터가 성공적으로 삭제되었습니다." + }, + "approvalData": { + "message": "승인 데이터" + }, + "approvalDataDescription": { + "message": "승인 된 웹 사이트 데이터를 삭제하여 모든 사이트에서 승인을 다시 요청해야합니다." + }, + "clearApprovalData": { + "message": "승인 데이터 삭제" + }, + "approve": { + "message": "승인하다" + }, + "reject": { + "message": "받지 않다" + }, + "providerAPIRequest": { + "message": "Web3 API 요청" + }, + "reviewProviderRequest": { + "message": "이 Ethereum API 요청을 검토하십시오." + }, + "providerRequestInfo": { + "message": "아래 나열된 도메인은 Web3 API에 대한 액세스를 요청하여 Ethereum 블록 체인과 상호 작용할 수 있습니다. Ethereum 액세스를 승인하기 전에 항상 올바른 사이트에 있는지 다시 확인하십시오." + }, "accept": { "message": "수락" }, diff --git a/app/_locales/nl/messages.json b/app/_locales/nl/messages.json index fc3450290..71961203f 100644 --- a/app/_locales/nl/messages.json +++ b/app/_locales/nl/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Weet je zeker dat je goedgekeurde websites wilt wissen?" + }, + "clearApprovalDataSuccess": { + "message": "Goedgekeurde websitegegevens zijn met succes gewist." + }, + "approvalData": { + "message": "Goedkeuringsgegevens" + }, + "approvalDataDescription": { + "message": "Goedgekeurde websitegegevens wissen zodat alle sites opnieuw goedkeuring moeten aanvragen." + }, + "clearApprovalData": { + "message": "Gegevens over goedkeuring wissen" + }, + "approve": { + "message": "Goedkeuren" + }, + "reject": { + "message": "Afwijzen" + }, + "providerAPIRequest": { + "message": "Web3 API-aanvraag" + }, + "reviewProviderRequest": { + "message": "Bekijk deze Ethereum API-aanvraag." + }, + "providerRequestInfo": { + "message": "Het onderstaande domein probeert toegang tot de Ethereum API te vragen zodat deze kan communiceren met de Ethereum-blockchain. Controleer altijd eerst of u op de juiste site bent voordat u Ethereum-toegang goedkeurt." + }, "accept": { "message": "Aanvaarden" }, diff --git a/app/_locales/ph/messages.json b/app/_locales/ph/messages.json index 9a243447a..fdae1748a 100644 --- a/app/_locales/ph/messages.json +++ b/app/_locales/ph/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Sigurado ka bang gusto mong i-clear ang mga naaprubahang website?" + }, + "clearApprovalDataSuccess": { + "message": "Matagumpay na na-clear ang data ng aprubadong website." + }, + "approvalData": { + "message": "Data ng Pag-apruba" + }, + "approvalDataDescription": { + "message": "I-clear ang naaprubahang data ng website upang ang lahat ng site ay dapat humiling muli ng pag-apruba" + }, + "clearApprovalData": { + "message": "Tanggalin ang data ng pag-apruba" + }, + "approve": { + "message": "Aprubahan" + }, + "reject": { + "message": "Tanggihan" + }, + "providerAPIRequest": { + "message": "Kahilingan sa Web3 API" + }, + "reviewProviderRequest": { + "message": "Mangyaring suriin ang kahilingan sa Ethereum API na ito." + }, + "providerRequestInfo": { + "message": "Ang domain na nakalista sa ibaba ay sinusubukang humiling ng access sa Ethereum API upang maaari itong makipag-ugnayan sa Ethereum blockchain. Laging i-double check na ikaw ay nasa tamang site bago aprubahan ang Ethereum access." + }, "accept": { "message": "Tanggapin" }, diff --git a/app/_locales/pt/messages.json b/app/_locales/pt/messages.json index 287ae0400..cd0b13864 100644 --- a/app/_locales/pt/messages.json +++ b/app/_locales/pt/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Tem certeza de que deseja limpar sites aprovados?" + }, + "clearApprovalDataSuccess": { + "message": "Dados aprovados do website foram limpos com sucesso." + }, + "approvalData": { + "message": "Dados de aprovação" + }, + "approvalDataDescription": { + "message": "Limpe os dados aprovados do website para que todos os sites solicitem aprovação novamente." + }, + "clearApprovalData": { + "message": "Limpar dados de aprovação" + }, + "approve": { + "message": "Aprovar" + }, + "reject": { + "message": "Rejeitar" + }, + "providerAPIRequest": { + "message": "Solicitação de API do Web3" + }, + "reviewProviderRequest": { + "message": "Por favor, revise esta solicitação da API da Ethereum." + }, + "providerRequestInfo": { + "message": "O domínio listado abaixo está tentando solicitar acesso à API Ethereum para que ele possa interagir com o blockchain Ethereum. Sempre verifique se você está no site correto antes de aprovar o acesso à Ethereum." + }, "accept": { "message": "Aceitar" }, diff --git a/app/_locales/ru/messages.json b/app/_locales/ru/messages.json index 45bb09683..71e23de6a 100644 --- a/app/_locales/ru/messages.json +++ b/app/_locales/ru/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Вы уверены, что хотите очистить утвержденные веб-сайты?Tem certeza de que deseja limpar sites aprovados?" + }, + "clearApprovalDataSuccess": { + "message": "Утвержденные данные веб-сайта успешно удалены." + }, + "approvalData": { + "message": "Данные об утверждении" + }, + "approvalDataDescription": { + "message": "Очистите утвержденные данные веб-сайта, чтобы все сайты снова запросили подтверждение." + }, + "clearApprovalData": { + "message": "Четкие данные об утверждении" + }, + "approve": { + "message": "Одобрить" + }, + "reject": { + "message": "Отклонить" + }, + "providerAPIRequest": { + "message": "Запрос API Web3" + }, + "reviewProviderRequest": { + "message": "Просмотрите этот запрос API Ethereum." + }, + "providerRequestInfo": { + "message": "Домен, указанный ниже, пытается запросить доступ к API-интерфейсу Ethereum, чтобы он мог взаимодействовать с блокчейном Ethereum. Всегда проверяйте, что вы находитесь на правильном сайте, прежде чем одобрять доступ к веб-сайту." + }, "accept": { "message": "Принять" }, diff --git a/app/_locales/sl/messages.json b/app/_locales/sl/messages.json index 242cf66bf..50385cf8b 100644 --- a/app/_locales/sl/messages.json +++ b/app/_locales/sl/messages.json @@ -1,4 +1,5 @@ { +<<<<<<< HEAD "privacyMode": { "message": "Način zasebnosti" }, @@ -37,6 +38,37 @@ }, "providerRequestInfo": { "message": "Domena zahteva dostop do verige blokov in ogled vašega računa. Pred potrditvjo vedno preverite ali ste na želeni spletni strani." +======= + "confirmClear": { + "message": "Naozaj chcete vymazať schválené webové stránky?" + }, + "clearApprovalDataSuccess": { + "message": "Schválené webové stránky boli úspešne odstránené." + }, + "approvalData": { + "message": "Údaje o schválení" + }, + "approvalDataDescription": { + "message": "Vymažte schválené údaje webových stránok, aby sa všetky stránky opäť požiadali o schválenie." + }, + "clearApprovalData": { + "message": "Jasné údaje o schválení" + }, + "approve": { + "message": "Schvaľovať" + }, + "reject": { + "message": "Odmietnuť" + }, + "providerAPIRequest": { + "message": "Žiadosť API Web3" + }, + "reviewProviderRequest": { + "message": "Prečítajte si túto žiadosť rozhrania API Ethereum." + }, + "providerRequestInfo": { + "message": "Doména uvedená nižšie sa pokúša požiadať o prístup k rozhraniu API Ethereum, aby mohla komunikovať s blokom Ethereum. Pred schválením prístupu na Ethereum vždy skontrolujte, či ste na správnom mieste." +>>>>>>> EIP-1102: updated implementation }, "accept": { "message": "Potrdi" diff --git a/app/_locales/th/messages.json b/app/_locales/th/messages.json index a9f2f1022..e51577d59 100644 --- a/app/_locales/th/messages.json +++ b/app/_locales/th/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "คุณแน่ใจหรือไม่ว่าต้องการล้างเว็บไซต์ที่ผ่านการอนุมัติ" + }, + "clearApprovalDataSuccess": { + "message": "อนุมัติข้อมูลเว็บไซต์ที่ได้รับอนุมัติแล้ว" + }, + "approvalData": { + "message": "ข้อมูลการอนุมัติ" + }, + "approvalDataDescription": { + "message": "ล้างข้อมูลเว็บไซต์ที่ได้รับการอนุมัติเพื่อให้ทุกไซต์ต้องขออนุมัติอีกครั้ง" + }, + "clearApprovalData": { + "message": "ล้างข้อมูลการอนุมัติ" + }, + "approve": { + "message": "อนุมัติ" + }, + "reject": { + "message": "ปฏิเสธ" + }, + "providerAPIRequest": { + "message": "คำขอ Web3 API" + }, + "reviewProviderRequest": { + "message": "โปรดอ่านคำขอ Ethereum API นี้" + }, + "providerRequestInfo": { + "message": "โดเมนที่แสดงด้านล่างกำลังพยายามขอเข้าถึง API ของ Ethereum เพื่อให้สามารถโต้ตอบกับบล็อค Ethereum ได้ ตรวจสอบว่าคุณอยู่ในไซต์ที่ถูกต้องก่อนที่จะอนุมัติการเข้าถึง Ethereum เสมอ" + }, "accept": { "message": "ยอมรับ" }, diff --git a/app/_locales/tml/messages.json b/app/_locales/tml/messages.json index 8dc242c10..69a1870c8 100644 --- a/app/_locales/tml/messages.json +++ b/app/_locales/tml/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "அங்கீகரிக்கப்பட்ட வலைத்தளங்களை நிச்சயமாக நீக்க விரும்புகிறீர்களா?" + }, + "clearApprovalDataSuccess": { + "message": "அங்கீகரிக்கப்பட்ட வலைத்தள தரவு வெற்றிகரமாக அழிக்கப்பட்டது." + }, + "approvalData": { + "message": "ஒப்புதல் தரவு" + }, + "approvalDataDescription": { + "message": "அங்கீகரிக்கப்பட்ட வலைத்தள தரவை அழிக்கவும், அனைத்து தளங்களும் ஒப்புதல் மீண்டும் கோர வேண்டும்." + }, + "clearApprovalData": { + "message": "ஒப்புதல் தரவை அழி" + }, + "approve": { + "message": "ஒப்புதல்" + }, + "reject": { + "message": "நிராகரி" + }, + "providerAPIRequest": { + "message": "Web3 API கோரிக்கை" + }, + "reviewProviderRequest": { + "message": "இந்த வலை 3 API கோரிக்கையை மதிப்பாய்வு செய்யவும்." + }, + "providerRequestInfo": { + "message": "கீழே பட்டியலிடப்பட்டுள்ள டொமைன் Web3 ஏபிஐ அணுகலைக் கோருவதற்கு முயற்சிக்கிறது, எனவே இது Ethereum blockchain உடன் தொடர்பு கொள்ள முடியும். Web3 அணுகுமுறையை அங்கீகரிப்பதற்கு முன் சரியான தளத்தில் இருப்பதை எப்போதும் இருமுறை சரிபார்க்கவும்." + }, "accept": { "message": "ஏற்கவும்" }, diff --git a/app/_locales/tr/messages.json b/app/_locales/tr/messages.json index 0dac139dd..47ffd19e2 100644 --- a/app/_locales/tr/messages.json +++ b/app/_locales/tr/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Onaylanmış web sitelerini silmek istediğinizden emin misiniz?" + }, + "clearApprovalDataSuccess": { + "message": "Onaylanan web sitesi verileri başarıyla temizlendi." + }, + "approvalData": { + "message": "Onay Verileri" + }, + "approvalDataDescription": { + "message": "Onaylanan web sitesi verilerini temizle, tüm sitelerin tekrar onay isteğinde bulunması gerekir." + }, + "clearApprovalData": { + "message": "Onay verilerini temizle" + }, + "approve": { + "message": "Onaylamak" + }, + "reject": { + "message": "Reddetmek" + }, + "providerAPIRequest": { + "message": "Web3 API İsteği" + }, + "reviewProviderRequest": { + "message": "Lütfen bu Ethereum API isteğini inceleyin." + }, + "providerRequestInfo": { + "message": "Aşağıda listelenen etki alanı, Ethereum API'sine erişim talep etmeye çalışmaktadır, böylece Ethereum blockchain ile etkileşime girebilir. Web3 erişimini onaylamadan önce her zaman doğru sitede olduğunuzu kontrol edin." + }, "accept": { "message": "Kabul et" }, diff --git a/app/_locales/vi/messages.json b/app/_locales/vi/messages.json index 782dfd119..b17e20392 100644 --- a/app/_locales/vi/messages.json +++ b/app/_locales/vi/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "Bạn có chắc chắn muốn xóa các trang web được phê duyệt không?" + }, + "clearApprovalDataSuccess": { + "message": "Đã xóa thành công dữ liệu trang web được phê duyệt." + }, + "approvalData": { + "message": "Dữ liệu phê duyệt" + }, + "approvalDataDescription": { + "message": "Xóa dữ liệu trang web được phê duyệt để tất cả các trang web phải yêu cầu phê duyệt lại." + }, + "clearApprovalData": { + "message": "Xóa dữ liệu phê duyệt" + }, + "approve": { + "message": "Phê duyệt" + }, + "reject": { + "message": "Từ chối" + }, + "providerAPIRequest": { + "message": "Yêu cầu API Web3" + }, + "reviewProviderRequest": { + "message": "Vui lòng xem lại yêu cầu API Ethereum này." + }, + "providerRequestInfo": { + "message": "Miền được liệt kê bên dưới đang cố gắng yêu cầu quyền truy cập vào API Ethereum để nó có thể tương tác với chuỗi khối Ethereum. Luôn kiểm tra kỹ xem bạn có đang ở đúng trang web trước khi phê duyệt quyền truy cập Ethereum hay không." + }, "accept": { "message": "Chấp nhận" }, diff --git a/app/_locales/zh_CN/messages.json b/app/_locales/zh_CN/messages.json index 90ac2a55b..cd4b8c75e 100644 --- a/app/_locales/zh_CN/messages.json +++ b/app/_locales/zh_CN/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "您确定要清除已批准的网站吗?" + }, + "clearApprovalDataSuccess": { + "message": "已批准的网站数据已成功清除。" + }, + "approvalData": { + "message": "审批数据" + }, + "approvalDataDescription": { + "message": "清除已批准的网站数据,以便所有网站都必须再次申请" + }, + "clearApprovalData": { + "message": "清除批准数据" + }, + "approve": { + "message": "批准" + }, + "reject": { + "message": "拒绝" + }, + "providerAPIRequest": { + "message": "Web3 API请求" + }, + "reviewProviderRequest": { + "message": "请查看此Ethereum API请求。" + }, + "providerRequestInfo": { + "message": "下面列出的域正在尝试请求访问Ethereum API,以便它可以与以太坊区块链进行交互。在批准Ethereum访问之前,请务必仔细检查您是否在正确的站点上。" + }, "accept": { "message": "接受" }, diff --git a/app/_locales/zh_TW/messages.json b/app/_locales/zh_TW/messages.json index f71ce311f..b7978b517 100644 --- a/app/_locales/zh_TW/messages.json +++ b/app/_locales/zh_TW/messages.json @@ -1,4 +1,34 @@ { + "confirmClear": { + "message": "您確定要清除已批准的網站嗎?" + }, + "clearApprovalDataSuccess": { + "message": "已批准的網站數據已成功清除。" + }, + "approvalData": { + "message": "審批數據" + }, + "approvalDataDescription": { + "message": "清除已批准的網站數據,以便所有網站都必須再次申請" + }, + "clearApprovalData": { + "message": "清除批准數據" + }, + "approve": { + "message": "批准" + }, + "reject": { + "message": "拒絕" + }, + "providerAPIRequest": { + "message": "Web3 API請求" + }, + "reviewProviderRequest": { + "message": "請查看此Ethereum API請求。" + }, + "providerRequestInfo": { + "message": "下面列出的域正在嘗試請求訪問Ethereum API,以便它可以與以太坊區塊鏈進行交互。在批准Ethereum訪問之前,請務必仔細檢查您是否在正確的站點上。" + }, "accept": { "message": "接受" }, diff --git a/app/scripts/background.js b/app/scripts/background.js index 2a3c5b08b..078e84928 100644 --- a/app/scripts/background.js +++ b/app/scripts/background.js @@ -256,7 +256,8 @@ function setupController (initState, initLangCode) { showUnconfirmedMessage: triggerUi, unlockAccountMessage: triggerUi, showUnapprovedTx: triggerUi, - showWatchAssetUi: showWatchAssetUi, + openPopup: openPopup, + closePopup: notificationManager.closePopup.bind(notificationManager), // initial state initState, // initial locale code @@ -447,7 +448,7 @@ function triggerUi () { * Opens the browser popup for user confirmation of watchAsset * then it waits until user interact with the UI */ -function showWatchAssetUi () { +function openPopup () { triggerUi() return new Promise( (resolve) => { diff --git a/app/scripts/contentscript.js b/app/scripts/contentscript.js index 33523eb46..060343031 100644 --- a/app/scripts/contentscript.js +++ b/app/scripts/contentscript.js @@ -11,6 +11,7 @@ const PortStream = require('extension-port-stream') const inpageContent = fs.readFileSync(path.join(__dirname, '..', '..', 'dist', 'chrome', 'inpage.js')).toString() const inpageSuffix = '//# sourceURL=' + extension.extension.getURL('inpage.js') + '\n' const inpageBundle = inpageContent + inpageSuffix +let originApproved = false // Eventually this streaming injection could be replaced with: // https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Language_Bindings/Components.utils.exportFunction @@ -20,24 +21,24 @@ const inpageBundle = inpageContent + inpageSuffix // MetaMask will be much faster loading and performant on Firefox. if (shouldInjectWeb3()) { - setupInjection() + injectScript(inpageBundle) setupStreams() + listenForProviderRequest() } /** - * Creates a script tag that injects inpage.js + * Injects a script tag into the current document + * + * @param {string} content - Code to be executed in the current document */ -function setupInjection () { +function injectScript (content) { try { - // inject in-page script - var scriptTag = document.createElement('script') - scriptTag.textContent = inpageBundle - scriptTag.onload = function () { this.parentNode.removeChild(this) } - var container = document.head || document.documentElement - // append as first child + const container = document.head || document.documentElement + const scriptTag = document.createElement('script') + scriptTag.textContent = content container.insertBefore(scriptTag, container.children[0]) } catch (e) { - console.error('Metamask injection failed.', e) + console.error('Metamask script injection failed.', e) } } @@ -54,6 +55,16 @@ function setupStreams () { const pluginPort = extension.runtime.connect({ name: 'contentscript' }) const pluginStream = new PortStream(pluginPort) + // Until this origin is approved, cut-off publicConfig stream writes at the content + // script level so malicious sites can't snoop on the currently-selected address + pageStream._write = function (data, encoding, cb) { + if (typeof data === 'object' && data.name && data.name === 'publicConfig' && !originApproved) { + cb() + return + } + LocalMessageDuplexStream.prototype._write.apply(pageStream, arguments) + } + // forward communication plugin->inpage pump( pageStream, @@ -97,6 +108,36 @@ function setupStreams () { mux.ignoreStream('publicConfig') } +/** + * Establishes listeners for requests to fully-enable the provider from the dapp context + * and for full-provider approvals and rejections from the background script context. Dapps + * should not post messages directly and should instead call provider.enable(), which + * handles posting these messages automatically. + */ +function listenForProviderRequest () { + window.addEventListener('message', (event) => { + if (event.source !== window) { return } + if (!event.data || !event.data.type || event.data.type !== 'ETHEREUM_ENABLE_PROVIDER') { return } + extension.runtime.sendMessage({ + action: 'init-provider-request', + origin: event.source.location.hostname, + }) + }) + + extension.runtime.onMessage.addListener(({ action }) => { + if (!action) { return } + switch (action) { + case 'approve-provider-request': + originApproved = true + injectScript(`window.dispatchEvent(new CustomEvent('ethereumprovider', { detail: {}}))`) + break + case 'reject-provider-request': + injectScript(`window.dispatchEvent(new CustomEvent('ethereumprovider', { detail: { error: 'User rejected provider access' }}))`) + break + } + }) +} + /** * Error handler for page to plugin stream disconnections diff --git a/app/scripts/controllers/preferences.js b/app/scripts/controllers/preferences.js index dc6fecaf5..ffb593b09 100644 --- a/app/scripts/controllers/preferences.js +++ b/app/scripts/controllers/preferences.js @@ -46,7 +46,7 @@ class PreferencesController { this.diagnostics = opts.diagnostics this.network = opts.network this.store = new ObservableStore(initState) - this.showWatchAssetUi = opts.showWatchAssetUi + this.openPopup = opts.openPopup this._subscribeProviderType() } // PUBLIC METHODS @@ -567,7 +567,7 @@ class PreferencesController { } const tokenOpts = { rawAddress, decimals, symbol, image } this.addSuggestedERC20Asset(tokenOpts) - return this.showWatchAssetUi().then(() => { + return this.openPopup().then(() => { const tokenAddresses = this.getTokens().filter(token => token.address === normalizeAddress(rawAddress)) return tokenAddresses.length > 0 }) diff --git a/app/scripts/controllers/provider-approval.js b/app/scripts/controllers/provider-approval.js new file mode 100644 index 000000000..e9b1b8e16 --- /dev/null +++ b/app/scripts/controllers/provider-approval.js @@ -0,0 +1,84 @@ +const ObservableStore = require('obs-store') + +/** + * A controller that services user-approved requests for a full Ethereum provider API + */ +class ProviderApprovalController { + /** + * Creates a ProviderApprovalController + * + * @param {Object} [config] - Options to configure controller + */ + constructor ({ closePopup, openPopup, platform, publicConfigStore } = {}) { + this.store = new ObservableStore() + this.closePopup = closePopup + this.openPopup = openPopup + this.platform = platform + this.publicConfigStore = publicConfigStore + this.approvedOrigins = {} + platform && platform.addMessageListener && platform.addMessageListener(({ action, origin }) => { + action && action === 'init-provider-request' && this.handleProviderRequest(origin) + }) + } + + /** + * Called when a tab requests access to a full Ethereum provider API + * + * @param {string} origin - Origin of the window requesting full provider access + */ + handleProviderRequest (origin) { + this.store.updateState({ providerRequests: [{ origin }] }) + if (this.approvedOrigins[origin]) { + this.approveProviderRequest(origin) + return + } + this.openPopup && this.openPopup() + } + + /** + * Called when a user approves access to a full Ethereum provider API + * + * @param {string} origin - Origin of the target window to approve provider access + */ + approveProviderRequest (origin) { + this.closePopup && this.closePopup() + const requests = this.store.getState().providerRequests || [] + this.platform && this.platform.sendMessage({ action: 'approve-provider-request' }, { active: true }) + this.publicConfigStore.emit('update', this.publicConfigStore.getState()) + const providerRequests = requests.filter(request => request.origin !== origin) + this.store.updateState({ providerRequests }) + this.approvedOrigins[origin] = true + } + + /** + * Called when a tab rejects access to a full Ethereum provider API + * + * @param {string} origin - Origin of the target window to reject provider access + */ + rejectProviderRequest (origin) { + this.closePopup && this.closePopup() + const requests = this.store.getState().providerRequests || [] + this.platform && this.platform.sendMessage({ action: 'reject-provider-request' }, { active: true }) + const providerRequests = requests.filter(request => request.origin !== origin) + this.store.updateState({ providerRequests }) + } + + /** + * Clears any cached approvals for user-approved origins + */ + clearApprovedOrigins () { + this.approvedOrigins = {} + } + + /** + * Determines if a given origin has been approved + * + * @param {string} origin - Domain origin to check for approval status + * @returns {boolean} - True if the origin has been approved + */ + isApproved (origin) { + return this.approvedOrigins[origin] + } +} + +module.exports = ProviderApprovalController diff --git a/app/scripts/inpage.js b/app/scripts/inpage.js index b885a7e05..25bfe1416 100644 --- a/app/scripts/inpage.js +++ b/app/scripts/inpage.js @@ -31,19 +31,18 @@ var inpageProvider = new MetamaskInpageProvider(metamaskStream) inpageProvider.setMaxListeners(100) // Augment the provider with its enable method -inpageProvider.enable = function (options = {}) { +inpageProvider.enable = function () { return new Promise((resolve, reject) => { - if (options.mockRejection) { - reject('User rejected account access') - } else { - inpageProvider.sendAsync({ method: 'eth_accounts', params: [] }, (error, response) => { - if (error) { - reject(error) - } else { - resolve(response.result) - } - }) - } + window.addEventListener('ethereumprovider', ({ detail }) => { + if (typeof detail.error !== 'undefined') { + reject(detail.error) + } else { + inpageProvider.publicConfigStore.once('update', () => { + resolve(inpageProvider.send({ method: 'eth_accounts' }).result) + }) + } + }) + window.postMessage({ type: 'ETHEREUM_ENABLE_PROVIDER' }, '*') }) } diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index 1f6a8659b..cffc5797b 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -37,6 +37,7 @@ const TransactionController = require('./controllers/transactions') const BalancesController = require('./controllers/computed-balances') const TokenRatesController = require('./controllers/token-rates') const DetectTokensController = require('./controllers/detect-tokens') +const ProviderApprovalController = require('./controllers/provider-approval') const nodeify = require('./lib/nodeify') const accountImporter = require('./account-import-strategies') const getBuyEthUrl = require('./lib/buy-eth-url') @@ -89,7 +90,7 @@ module.exports = class MetamaskController extends EventEmitter { this.preferencesController = new PreferencesController({ initState: initState.PreferencesController, initLangCode: opts.initLangCode, - showWatchAssetUi: opts.showWatchAssetUi, + openPopup: opts.openPopup, network: this.networkController, }) @@ -219,6 +220,13 @@ module.exports = class MetamaskController extends EventEmitter { this.typedMessageManager = new TypedMessageManager({ networkController: this.networkController }) this.publicConfigStore = this.initPublicConfigStore() + this.providerApprovalController = new ProviderApprovalController({ + closePopup: opts.closePopup, + openPopup: opts.openPopup, + platform: opts.platform, + publicConfigStore: this.publicConfigStore, + }) + this.store.updateStructure({ TransactionController: this.txController.store, KeyringController: this.keyringController.store, @@ -248,6 +256,7 @@ module.exports = class MetamaskController extends EventEmitter { NoticeController: this.noticeController.memStore, ShapeshiftController: this.shapeshiftController.store, InfuraController: this.infuraController.store, + ProviderApprovalController: this.providerApprovalController.store, }) this.memStore.subscribe(this.sendUpdate.bind(this)) } @@ -263,7 +272,10 @@ module.exports = class MetamaskController extends EventEmitter { }, version, // account mgmt - getAccounts: async () => { + getAccounts: async ({ origin }) => { + // Expose no accounts if this origin has not been approved, preventing + // account-requring RPC methods from completing successfully + if (origin !== 'MetaMask' && !this.providerApprovalController.isApproved(origin)) { return [] } const isUnlocked = this.keyringController.memStore.getState().isUnlocked const selectedAddress = this.preferencesController.getSelectedAddress() // only show address if account is unlocked @@ -349,6 +361,7 @@ module.exports = class MetamaskController extends EventEmitter { const noticeController = this.noticeController const addressBookController = this.addressBookController const networkController = this.networkController + const providerApprovalController = this.providerApprovalController return { // etc @@ -437,6 +450,10 @@ module.exports = class MetamaskController extends EventEmitter { // notices checkNotices: noticeController.updateNoticesList.bind(noticeController), markNoticeRead: noticeController.markNoticeRead.bind(noticeController), + + approveProviderRequest: providerApprovalController.approveProviderRequest.bind(providerApprovalController), + clearApprovedOrigins: providerApprovalController.clearApprovedOrigins.bind(providerApprovalController), + rejectProviderRequest: providerApprovalController.rejectProviderRequest.bind(providerApprovalController), } } diff --git a/app/scripts/platforms/extension.js b/app/scripts/platforms/extension.js index 71b162dd0..9ef0d22c9 100644 --- a/app/scripts/platforms/extension.js +++ b/app/scripts/platforms/extension.js @@ -57,6 +57,18 @@ class ExtensionPlatform { } } + addMessageListener (cb) { + extension.runtime.onMessage.addListener(cb) + } + + sendMessage (message, query = {}) { + extension.tabs.query(query, tabs => { + tabs.forEach(tab => { + extension.tabs.sendMessage(tab.id, message) + }) + }) + } + _showConfirmedTransaction (txMeta) { this._subscribeToNotificationClicked() diff --git a/old-ui/app/app.js b/old-ui/app/app.js index f5e03d4f6..2d364ef6f 100644 --- a/old-ui/app/app.js +++ b/old-ui/app/app.js @@ -33,6 +33,7 @@ const BuyView = require('./components/buy-button-subview') const HDCreateVaultComplete = require('./keychains/hd/create-vault-complete') const HDRestoreVaultScreen = require('./keychains/hd/restore-vault') const RevealSeedConfirmation = require('./keychains/hd/recover-seed/confirmation') +const ProviderApproval = require('./provider-approval') module.exports = connect(mapStateToProps)(App) @@ -49,6 +50,7 @@ function mapStateToProps (state) { noActiveNotices, seedWords, featureFlags, + providerRequests, } = state.metamask const selected = address || Object.keys(accounts)[0] @@ -75,6 +77,7 @@ function mapStateToProps (state) { lostAccounts: state.metamask.lostAccounts, frequentRpcListDetail: state.metamask.frequentRpcListDetail || [], featureFlags, + providerRequests, suggestedTokens: state.metamask.suggestedTokens, // state needed to get account dropdown temporarily rendering from app bar @@ -147,7 +150,7 @@ App.prototype.renderLoadingIndicator = function ({ isLoading, isLoadingNetwork, App.prototype.renderPrimary = function () { log.debug('rendering primary') var props = this.props - const {isMascara, isOnboarding} = props + const {isMascara, isOnboarding, providerRequests} = props if (isMascara && isOnboarding) { return h(MascaraFirstTime) @@ -215,6 +218,11 @@ App.prototype.renderPrimary = function () { return h(HDCreateVaultComplete, {key: 'HDCreateVaultComplete'}) } + if (providerRequests && providerRequests.length > 0) { + log.debug('rendering provider API approval screen') + return h(ProviderApproval, { origin: providerRequests[0].origin }) + } + // show current view switch (props.currentView.name) { diff --git a/old-ui/app/config.js b/old-ui/app/config.js index 7a93887a5..999b556c6 100644 --- a/old-ui/app/config.js +++ b/old-ui/app/config.js @@ -200,6 +200,31 @@ ConfigScreen.prototype.render = function () { h('hr.horizontal-line'), + h('div', { + style: { + marginTop: '20px', + }, + }, [ + h('p', { + style: { + fontFamily: 'Montserrat Light', + fontSize: '13px', + }, + }, 'Clear approved website data so all sites must request approval again.'), + h('br'), + h('button', { + style: { + alignSelf: 'center', + }, + onClick (event) { + event.preventDefault() + state.dispatch(actions.clearApprovedOrigins()) + }, + }, 'Clear approval data'), + ]), + + h('hr.horizontal-line'), + h('div', { style: { marginTop: '20px', diff --git a/old-ui/app/provider-approval.js b/old-ui/app/provider-approval.js new file mode 100644 index 000000000..c4c7ff64d --- /dev/null +++ b/old-ui/app/provider-approval.js @@ -0,0 +1,64 @@ +import PropTypes from 'prop-types' +import React, { Component } from 'react' +import { approveProviderRequest, rejectProviderRequest } from '../../ui/app/actions' +import { connect } from 'react-redux' +class ProviderApproval extends Component { + render () { + const { approveProviderRequest, origin, rejectProviderRequest } = this.props + return ( +
+