From d4171ccea51db04aa40320de8770e22203d4d6c2 Mon Sep 17 00:00:00 2001 From: bitpshr Date: Mon, 29 Oct 2018 23:44:04 +0100 Subject: [PATCH] Disable approval caching --- app/scripts/contentscript.js | 8 ++++++-- app/scripts/controllers/provider-approval.js | 20 +++++++++++++++++--- app/scripts/inpage.js | 11 ++++++++++- app/scripts/metamask-controller.js | 1 + 4 files changed, 34 insertions(+), 6 deletions(-) diff --git a/app/scripts/contentscript.js b/app/scripts/contentscript.js index 2c2efda1c..fa8b3207f 100644 --- a/app/scripts/contentscript.js +++ b/app/scripts/contentscript.js @@ -142,7 +142,7 @@ function listenForProviderRequest () { } }) - extension.runtime.onMessage.addListener(({ action = '', isApproved, isUnlocked }) => { + extension.runtime.onMessage.addListener(({ action = '', isApproved, caching, isUnlocked }) => { switch (action) { case 'approve-provider-request': isEnabled = true @@ -152,11 +152,15 @@ function listenForProviderRequest () { injectScript(`window.dispatchEvent(new CustomEvent('ethereumprovider', { detail: { error: 'User rejected provider access' }}))`) break case 'answer-is-approved': - injectScript(`window.dispatchEvent(new CustomEvent('ethereumisapproved', { detail: { isApproved: ${isApproved}}}))`) + injectScript(`window.dispatchEvent(new CustomEvent('ethereumisapproved', { detail: { isApproved: ${isApproved}, caching: ${caching}}}))`) break case 'answer-is-unlocked': injectScript(`window.dispatchEvent(new CustomEvent('metamaskisunlocked', { detail: { isUnlocked: ${isUnlocked}}}))`) break + case 'metamask-set-locked': + isEnabled = false + injectScript(`window.dispatchEvent(new CustomEvent('metamasksetlocked', { detail: {}}))`) + break } }) } diff --git a/app/scripts/controllers/provider-approval.js b/app/scripts/controllers/provider-approval.js index 66017c58e..cbdebc3e3 100644 --- a/app/scripts/controllers/provider-approval.js +++ b/app/scripts/controllers/provider-approval.js @@ -4,6 +4,11 @@ const ObservableStore = require('obs-store') * A controller that services user-approved requests for a full Ethereum provider API */ class ProviderApprovalController { + /** + * Determines if caching is enabled + */ + caching = false + /** * Creates a ProviderApprovalController * @@ -44,7 +49,7 @@ class ProviderApprovalController { */ _handleProviderRequest (origin) { this.store.updateState({ providerRequests: [{ origin }] }) - if (this.isApproved(origin)) { + if (this.isApproved(origin) && this.caching) { this.approveProviderRequest(origin) return } @@ -57,8 +62,9 @@ class ProviderApprovalController { * @param {string} origin - Origin of the window */ _handleIsApproved (origin) { - const isApproved = this.isApproved(origin) - this.platform && this.platform.sendMessage({ action: 'answer-is-approved', isApproved }, { active: true }) + const isApproved = this.isApproved(origin) && this.caching + const caching = this.caching + this.platform && this.platform.sendMessage({ action: 'answer-is-approved', isApproved, caching }, { active: true }) } /** @@ -125,6 +131,14 @@ class ProviderApprovalController { const privacyMode = this.preferencesController.getFeatureFlags().privacyMode return !privacyMode || this.approvedOrigins[origin] } + + /** + * Tells all tabs that MetaMask is now locked. This is primarily used to set + * internal flags in the contentscript and inpage script. + */ + setLocked () { + this.platform.sendMessage({ action: 'metamask-set-locked' }) + } } module.exports = ProviderApprovalController diff --git a/app/scripts/inpage.js b/app/scripts/inpage.js index a60d19480..29811c216 100644 --- a/app/scripts/inpage.js +++ b/app/scripts/inpage.js @@ -35,6 +35,11 @@ var inpageProvider = new MetamaskInpageProvider(metamaskStream) // set a high max listener count to avoid unnecesary warnings inpageProvider.setMaxListeners(100) +// set up a listener for when MetaMask is locked +window.addEventListener('metamasksetlocked', () => { + isEnabled = false +}) + // augment the provider with its enable method inpageProvider.enable = function () { return new Promise((resolve, reject) => { @@ -101,7 +106,11 @@ inpageProvider._metamask = new Proxy({ if (typeof detail.error !== 'undefined') { reject(detail.error) } else { - resolve(!!detail.isApproved) + if (!detail.caching) { + resolve(!!detail.isApproved) + } else { + resolve(isEnabled) + } } }) window.postMessage({ type: 'ETHEREUM_IS_APPROVED' }, '*') diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index c7fc42eb4..33278db85 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -1581,6 +1581,7 @@ module.exports = class MetamaskController extends EventEmitter { * Locks MetaMask */ setLocked() { + this.providerApprovalController.setLocked() return this.keyringController.setLocked() } }