Disable approval caching

2024-11-22 18:00:18 +01:00 · 2018-10-29 23:44:04 +01:00 · 2018-10-29 23:44:04 +01:00 · d4171ccea5
commit d4171ccea5
parent cc1bab6ebb
4 changed files with 34 additions and 6 deletions
--- a/app/scripts/contentscript.js
+++ b/app/scripts/contentscript.js
@ -142,7 +142,7 @@ function listenForProviderRequest () {
    }
  })

-  extension.runtime.onMessage.addListener(({ action = '', isApproved, isUnlocked }) => {
+  extension.runtime.onMessage.addListener(({ action = '', isApproved, caching, isUnlocked }) => {
    switch (action) {
      case 'approve-provider-request':
        isEnabled = true
@ -152,11 +152,15 @@ function listenForProviderRequest () {
        injectScript(`window.dispatchEvent(new CustomEvent('ethereumprovider', { detail: { error: 'User rejected provider access' }}))`)
        break
      case 'answer-is-approved':
-        injectScript(`window.dispatchEvent(new CustomEvent('ethereumisapproved', { detail: { isApproved: ${isApproved}}}))`)
+        injectScript(`window.dispatchEvent(new CustomEvent('ethereumisapproved', { detail: { isApproved: ${isApproved}, caching: ${caching}}}))`)
        break
      case 'answer-is-unlocked':
        injectScript(`window.dispatchEvent(new CustomEvent('metamaskisunlocked', { detail: { isUnlocked: ${isUnlocked}}}))`)
        break
+      case 'metamask-set-locked':
+        isEnabled = false
+        injectScript(`window.dispatchEvent(new CustomEvent('metamasksetlocked', { detail: {}}))`)
+        break
    }
  })
 }
--- a/app/scripts/controllers/provider-approval.js
+++ b/app/scripts/controllers/provider-approval.js
@ -4,6 +4,11 @@ const ObservableStore = require('obs-store')
 * A controller that services user-approved requests for a full Ethereum provider API
 */
 class ProviderApprovalController {
+  /**
+   * Determines if caching is enabled
+   */
+  caching = false
+
  /**
   * Creates a ProviderApprovalController
   *
@ -44,7 +49,7 @@ class ProviderApprovalController {
   */
  _handleProviderRequest (origin) {
    this.store.updateState({ providerRequests: [{ origin }] })
-    if (this.isApproved(origin)) {
+    if (this.isApproved(origin) && this.caching) {
      this.approveProviderRequest(origin)
      return
    }
@ -57,8 +62,9 @@ class ProviderApprovalController {
   * @param {string} origin - Origin of the window
   */
  _handleIsApproved (origin) {
-    const isApproved = this.isApproved(origin)
-    this.platform && this.platform.sendMessage({ action: 'answer-is-approved', isApproved }, { active: true })
+    const isApproved = this.isApproved(origin) && this.caching
+    const caching = this.caching
+    this.platform && this.platform.sendMessage({ action: 'answer-is-approved', isApproved, caching }, { active: true })
  }

  /**
@ -125,6 +131,14 @@ class ProviderApprovalController {
    const privacyMode = this.preferencesController.getFeatureFlags().privacyMode
    return !privacyMode || this.approvedOrigins[origin]
  }
+
+  /**
+   * Tells all tabs that MetaMask is now locked. This is primarily used to set
+   * internal flags in the contentscript and inpage script.
+   */
+  setLocked () {
+    this.platform.sendMessage({ action: 'metamask-set-locked' })
+  }
 }

 module.exports = ProviderApprovalController
--- a/app/scripts/inpage.js
+++ b/app/scripts/inpage.js
@ -35,6 +35,11 @@ var inpageProvider = new MetamaskInpageProvider(metamaskStream)
 // set a high max listener count to avoid unnecesary warnings
 inpageProvider.setMaxListeners(100)

+// set up a listener for when MetaMask is locked
+window.addEventListener('metamasksetlocked', () => {
+  isEnabled = false
+})
+
 // augment the provider with its enable method
 inpageProvider.enable = function () {
  return new Promise((resolve, reject) => {
@ -101,7 +106,11 @@ inpageProvider._metamask = new Proxy({
        if (typeof detail.error !== 'undefined') {
          reject(detail.error)
        } else {
-          resolve(!!detail.isApproved)
+          if (!detail.caching) {
+            resolve(!!detail.isApproved)
+          } else {
+            resolve(isEnabled)
+          }
        }
      })
      window.postMessage({ type: 'ETHEREUM_IS_APPROVED' }, '*')
--- a/app/scripts/metamask-controller.js
+++ b/app/scripts/metamask-controller.js
@ -1581,6 +1581,7 @@ module.exports = class MetamaskController extends EventEmitter {
   * Locks MetaMask
   */
  setLocked() {
+    this.providerApprovalController.setLocked()
    return this.keyringController.setLocked()
  }
 }