1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-22 18:00:18 +01:00
Commit Graph

113 Commits

Author SHA1 Message Date
Ariella Vu
d3c7b9fb32
MV3: contentscript.js - re-activate streams when Service Worker terminates and then resets (#15494)
* contentscript: reactivate streams pt.1

* contentscript: reactivate streams pt. 2

* scripts/inpage.js: use const

* clean: rm unused @param

* contentscript: reactivate streams pt. 3
- reorganize functions

* resetSteamAndListeners -> resetStreamAndListeners

* contentscript: skip Legacy Provider while WIP

* contentscript: rm comment sentence

* initPageStreams -> initStreams

* setupPageStreams -> setupStreams

* contentscript: only destroy extension streams WIP

* remove pageMuxChannel listeners (It works!)
- credits to @gudhatt for this missing piece

Co-authored-by: Mark Stacey <markjstacey@gmail.com>

* contentscript: cleanup

* contentscript: support legacy streams
w/ service workers

* contentscript: support phishing streams
w/ service workers

* contentscript: muxChannel -> channel

* contentscript: phishingExension -> phishingExt

* contentscript: add section comments

* contentscript: revert condensing comment

* contentscript: pagePhishing -> phishingPage

* contentscript: update comments

* contentscript: fix phishingExtPort

* contentscript: stream -> streams

* contentscript: update SW keep alive logic
should only keep alive when dapp is open / contentscript page

* rm console.log

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
Co-authored-by: Jyoti Puri <jyotipuri@gmail.com>
2022-09-13 14:20:08 -07:00
David Walsh
9cf358a82a
Fix #14846 - Inject provider for MV3 via app-init (#15448) 2022-08-15 11:26:13 -05:00
Erik Marks
43c33b676f
@metamask/providers@8.1.1 (#11078)
* @metamask/providers@8.1.1

* Minimize import footprint
2021-05-12 19:51:14 -07:00
Erik Marks
29fa00a97b
@metamask/post-message-stream@4.0.0 (#10989) 2021-05-05 16:07:48 -07:00
Erik Marks
76a2a9bb8b
@metamask/eslint config@5.0.0 (#10358)
* @metamask/eslint-config@5.0.0
* Update eslintrc and prettierrc
* yarn lint:fix
2021-02-04 10:15:23 -08:00
Erik Marks
3bf94164ac
@metamask/inpage-provider@^8.0.0 (#8640)
* @metamask/inpage-provider@^8.0.0
* Replace public config store with JSON-RPC notifications
* Encapsulate notification permissioning in permissions controller
* Update prefix of certain internal RPC methods and notifications
* Add accounts to getProviderState
* Send accounts with isUnlocked notification (#10007)
* Rename provider streams, notify provider of stream failures (#10006)
2020-12-08 11:48:47 -08:00
Erik Marks
6795298c65
Remove web3 injection (#9156)
* Remove web3 injection
* Implement logWeb3ShimUsage
2020-12-07 12:09:02 -08:00
Dan Finlay
8443c3bdde
Warn instead of throw on duplicate web3 and do not inject (#9832) 2020-11-09 10:40:40 -08:00
Whymarrh Whitby
b6ccd22d6c
Update ESLint shared config to v3 (#9274)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-08-19 13:57:05 -02:30
Whymarrh Whitby
9b78d3ab07
Fix import/extensions issues (#9217)
See [`import/extensions`](https://eslint.org/docs/rules/import/extensions) for more information.

This change enables `import/extensions` and fixes the issues raised by the rule.
2020-08-14 09:16:45 -02:30
Erik Marks
e5cb63eea2
Add web3 usage metrics, prepare for web3 removal (#9144)
* add web3 usage metrics

* move web3 metrics method to new middleware

* rename some methods, files, and exports
2020-08-07 12:28:23 -07:00
Mark Stacey
9e2e353a24
Define global web3 as non-enumerable (#8634)
We inject `web3` globally on most websites. This has been breaking
websites that attempted to serialize the `window` object, because any
attempt to access certain `web3` properties (such as `web3.eth.mining`)
would throw an error. This is because `web3` defined a getter for these
properties that would call `.send([method])`, which doesn't work for
most methods.

An example of a site that this breaks is `Storybook`, when the
`@storybook/addon-actions` addon is being used. When using storybook
with this addon and with the MetaMask extension installed, actions
would not be properly dispatched because an error would be thrown in
the attempt to serialize the event (which includes a reference to the
`window`).

The `web3` global we inject is now defined as non-enumerable, so it
will be skipped automatically in any attempt to serialize the `window`
object.
2020-05-20 20:18:25 -07:00
Erik Marks
c011c0406b
Add new inpage provider package (#8442)
* add @metamask/inpage-provider

* fix failing e2e tests

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-04-28 17:14:51 -07:00
Erik Marks
8e307f8d71
update inpage-provider; minor fixes (#7997) 2020-02-06 07:57:54 -08:00
Whymarrh Whitby
92971d3c87
Migrate codebase to use ESM (#7730)
* Update eslint-plugin-import version

* Convert JS files to use ESM

* Update ESLint rules to check imports

* Fix test:unit:global command env

* Cleanup mock-dev script
2020-01-09 00:04:58 -03:30
Dan Finlay
f519fa1ed3
Connect distinct accounts per site (#7004)
* add PermissionsController

remove provider approval controller
integrate rpc-cap
create PermissionsController
move provider approval functionality to permissions controller
add permissions approval ui, settings page
add permissions activity and history
move some functionality to metamask-inpage-provider
rename siteMetadata -> domainMetadata

add accountsChange notification to inpage provider
move functionality to inpage provider
update inpage provider
Remove 'Connections' settings page (#7369)
add hooks for exposing accounts in settings
rename unused messages in non-English locales

Add external extension id to metadata (#7396)

update inpage provider, rpc-cap
add eth_requestAccounts handling to background
prevent notifying connections if extension is locked
update inpage provider
Fix lint errors
add migration
review fixes
transaction controller review updates
removed unused messages

* Login Per Site UI (#7368)

* LoginPerSite original UI changes to keep

* First commit

* Get necessary connected tab info for redirect and icon display for permissioned sites

* Fix up designs and add missing features

* Some lint fixes

* More lint fixes

* Ensures the tx controller + tx-state-manager orders transactions in the order they are received

* Code cleanup for LoginPerSite-ui

* Update e2e tests to use new connection flow

* Fix display of connect screen and app header after login when connect request present

* Update metamask-responsive-ui.spec for new item in accounts dropdown

* Fix approve container by replacing approvedOrigins with domainMetaData

* Adds test/e2e/permissions.spec.js

* Correctly handle cancellation of a permissions request

* Redirect to home after disconnecting all sites / cancelling all permissions

* Fix display of site icons in menu

* Fix height of permissions page container

* Remove unused locale messages

* Set default values for openExternalTabs and tabIdOrigins in account-menu.container

* More code cleanup for LoginPerSite-ui

* Use extensions api to close tab in permissions-connect

* Remove unnecessary change in domIsReady() in contentscript

* Remove unnecessary private function markers and class methods (for background tab info) in metamask-controller.

* Adds getOriginOfCurrentTab selector

* Adds IconWithFallback component and substitutes for appropriate cases

* Add and utilize font mixins

* Remove unused  method in disconnect-all.container.js

* Simplify buttonSizeLarge code in page-container-footer.component.js

* Add and utilize getAccountsWithLabels selector

* Remove console.log in ui/app/store/actions.js

* Change last connected time format to yyyy-M-d

* Fix css associated with IconWithFallback change

* Ensure tracked openNonMetamaskTabsIDs are correctly set to inactive on tab changes

* Code cleanup for LoginPerSite-ui

* Use reusable function for modifying openNonMetamaskTabsIDs in background.js

* Enables automatic switching to connected account when connected domain is open

* Prevent exploit of tabIdOriginMap in background.js

* Remove unneeded code from contentscript.js

* Simplify current tab origin and window opener logic using remotePort listener tabs.queryTabs

* Design and styling fixes for LoginPerSite-ui

* Fix permissionHistory and permission logging for eth_requestAccounts and eth_accounts

* Front end changes to support display of lastConnected time in connected and permissions screens

* Fix lint errors

* Refactor structure of permissionsHistory

* Fix default values and object modifications for domain and permissionsHistory related data

* Fix connecting to new accounts from modal

* Replace retweet.svg with connect-white.svg

* Fix signature-request.spec

* Update metamask-inpage-provider version

* Fix permissions e2e tests

* Remove unneeded delay from test/e2e/signature-request.spec.js

* Add delay before attempting to retrieve network id in dapp in ethereum-on=.spec

* Use requestAccountTabIds strategy for determining tab id that opened a given window

* Improve default values for permissions requests

* Add some message descriptions to app/_locales/en/messages.json

* Code clean up in permission controller

* Stopped deep cloning object in mapObjectValues

* Bump metamask-inpage-provider version

* Add missing description in app/_locales/en/messages.json

* Return promises from queryTabs and switchToTab of extension.js

* Remove unused getAllPermissions function

* Use default props in icon-with-fallback.component.js

* Stop passing  to permissions controller

* Delete no longer used clear-approved-origins modal code

* Remove duplicate imports in ui/app/components/app/index.scss

* Use URL instead of regex in getOriginFromUrl()

* Add runtime error checking to platform, promise based extension.tab methods

* Support permission requests from external extensions

* Improve font size and colour of the domain origin on the permission confirmation screen

* Add support for toggling permissions

* Ensure getRenderablePermissionsDomains only returns domains with exposedAccount caveat permissions

* Remove unused code from LoginPerSite-ui branch

* Ensure modal closes on Enter press for new-account-modal.component.js

* Lint fix

* fixup! Login Per Site UI (#7368)

* Some code cleanup for LoginPerSite

* Adds UX for connecting to dapps via the connected sites screen (#7593)

* Adds UX for connecting to dapps via the connected sites screen

* Use openMetaMaskTabIds from background.js to determine if current active tab is MetaMask

* Delete unused permissions controller methods

* Fixes two small bugs in the LoginPerSite ui (#7595)

* Restore `providerRequest` message translations (#7600)

This message was removed, but it was replaced with a very similar
message called `likeToConnect`. The only difference is that the new
message has "MetaMask" in it. Preserving these messages without
"MetaMask" is probably better than deleting them, so these messages
have all been restored and renamed to `likeToConnect`.

* Login per site no sitemetadata fix (#7610)

* Support connected sites for which we have no site metadata.

* Change property containing subtitle info often populated by origin to a more accurate of purpose name

* Lint fix

* Improve disconnection modal messages (#7612)

* Improve disconnectAccountModalDescription and disconnectAllModalDescription messages

* Update disconnectAccountModalDescription app/_locales/en/messages.json

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* Improve disconnectAccount modal message clarity

* Adds cancel button to the account selection screen of the permissions request flow (#7613)

* Fix eth_accounts permission language & selectability (#7614)

* fix eth_accounts language & selectability

* fix MetaMask capitalization in all messages

* Close sidebar when opening connected sites (#7611)

The 'Connected Sites' button in the accounts details now closes the
sidebar, if it is open. This was accomplished by pulling the click
handler for that button up to the wallet view component, where another
button already followed a similar pattern of closing the sidebar.

It seemed confusing to me that one handler was in the `AccountsDetails`
container component, and one was handed down from above, so I added
PropTypes to the container component.

I'm not sure that the WalletView component is the best place for this
logic, but I've put it there for now to be consistent with the add
token button.

* Reject permissions request upon tab close (#7618)

Permissions requests are now rejected when the page is closed. This
only applies to the full-screen view, as that is the view permission
requests should be handled in. The case where the user deals with the
request through a different view is handled in #7617

* Handle tab update failure (#7619)

`extension.tabs.update` can sometimes fail if the user interacts with
the tabs directly around the same time. The redirect flow has been
updated to ensure that the permissions tab is still closed in that
case. The user is on their own to find the dapp tab again in that case.

* Login per site tab popup fixes (#7617)

* Handle redirect in response to state update in permissions-connect

* Ensure origin is available to permissions-connect subcomponents during redirect

* Hide app bar whenever on redirect route

* Improvements to handling of redirects in permissions-connect

* Ensure permission request id change handling only happens when page is not null

* Lint fix

* Decouple confirm transaction screen from the selected address (#7622)

* Avoid race condtion that could prevent contextual account switching (#7623)

There was a race condition in the logic responsible for switching the
selected account based upon the active tab. It was asynchronously
querying the active tab, then assuming it had been retrieved later.

The active tab info itself was already in the redux store in another
spot, one that is guaranteed to be set before the UI renders. The
race condition was avoided by deleting the duplicate state, and using
the other active tab state.

* Only redirect back to dapp if current tab is active (#7621)

The "redirect back to dapp" behaviour can be disruptive when the
permissions connect tab is not active. The purpose of the redirect was
to maintain context between the dapp and the permissions request, but
if the user has already moved to another tab, that no longer applies.

* Fix JSX style lint errors

* Remove unused state
2019-12-03 09:35:56 -08:00
Mark Stacey
f763979bed
Add support for one-click onboarding (#7017)
* Add support for one-click onboarding

MetaMask now allows sites to register as onboarding the user, so that
the user is redirected back to the initiating site after onboarding.
This is accomplished through the use of the `metamask-onboarding`
library and the MetaMask forwarder.

At the end of onboarding, a 'snackbar'-stype component will explain to the
user they are about to be moved back to the originating dapp, and it will
show the origin of that dapp. This is intended to help prevent phishing
attempts, as it highlights that a redirect is taking place to an untrusted
third party.

If the onboarding initiator tab is closed when onboarding is finished,
the user is redirected to the onboarding originator as a fallback.

Closes #6161

* Add onboarding button to contract test dapp

The `contract-test` dapp (run with `yarn dapp`, used in e2e tests) now
uses a `Connect` button instead of connecting automatically. This
button also serves as an onboarding button when a MetaMask installation
is not detected.

* Add new static server for test dapp

The `static-server` library we were using for the `contract-test` dapp
didn't allow referencing files outside the server root. This should
have been possible to work around using symlinks, but there was a bug
that resulted in symlinks crashing the server.

Instead it has been replaced with a simple static file server that
will serve paths starting with `node_modules` from the project root.
This will be useful in testing the onboarding library without vendoring
it.

* Add `@metamask/onboarding` and `@metamask/forwarder`

Both libraries used to test onboarding are now included as dev
dependencies, to help with testing. A few convenience scripts
were added to help with this (`yarn forwarder` and `yarn dapp-forwarder`)
2019-11-22 13:03:51 -04:00
Whymarrh Whitby
6bd87e1f09
Add web3 deprecation warning (#7334)
* Add web3 deprecation warning

* Update web3 deprecation article URL
2019-10-31 21:56:02 -02:30
Mark Stacey
2ceac1f27f Add warning about reload on network change
We are soon removing the automatic refresh on network change behavior.
A warning has been added to ensure sites know about this upcoming
change.

Any site that calls `.enable` is advised to use a
`networkChanged` event handler to reload manually if they rely upon
that behavior. They are also advised to set the flag
`autoRefreshOnNetworkChange` to `false` to opt-out of the reload
behavior early.

This warning might be irritating for certain sites, as they might be
indifferent to whether or not the site reloads, and not eager to set a
flag to opt-in early just to silence the warning. However there was no
other obvious way to warning the right people about this change, as
any warning prior to an actual reload would only be seen by the few
people that set their browser console to preserve logs.

Relates to #3599
2019-08-21 14:14:35 -03:00
Mark Stacey
32fffe53f5
Remove Drizzle tests (#6855)
The Drizzle tests have not been used for some time. They were used to
ensure compatibility with newer versions of `web3` v1. If we want to
re-add tests to ensure compatibility with newer `web3` versions, we
should find some way of doing that more reliably than was done here -
these tests were somewhat flaky and unreliable.
2019-07-15 17:10:46 -03:00
Mark Stacey
95f198550e
Declare variables before use (#6806)
While working on #6805, I noticed that many variables were being used
before they were declared. Technically this worked fine in practice
because we were using the `transform-es2015-block-scoping` Babel plugin,
which transforms `let` and `const` to `var`, which is hoisted. However,
after removing that Babel transformation, many things broke.

All instances of variables or classes being used before declared have
been fixed.

The `no-use-before-define` eslint rule has been added to catch these
cases going forward. The rule is disabled for function declarations for
the moment, because those are always hoisted. We could disable that too
if we want to, but it's purely stylistic and would require a lot more
changes.
2019-07-05 14:01:34 -03:00
bitpshr
e8f6dff0be bugfix: reject enable promise on user rejection 2019-05-31 16:07:58 -04:00
kumavis
2845398c3d Refactor ProviderApprovalController to use rpc and publicConfigStore (#6410)
* Ensure home screen does not render if there are unapproved txs (#6501)

* Ensure that the confirm screen renders before the home screen if there are unapproved txs.

* Only render confirm screen before home screen on mount.

* inpage - revert _metamask api to isEnabled isApproved isUnlocked
2019-05-03 13:32:05 -04:00
Sneh Koul
6a60562d66 Opens the original webpage from where installation of MetaMask was re… (#6272)
* Opens the original webpage from where installation of MetaMask was requested

* Asking for dynamic permissions

* code for forwarder/without extra permissions

* Lint fix for onboardingComplete message sending code.
2019-04-24 10:49:38 -07:00
Josh Stevens
2aaec1d9fb Stop reloading dapps on network change allowing dapps to decide if it should refresh or not (#6330)
* feat: `inpageProvider.autoRefreshOnNetworkChange` to allow dapps to control if it refreshes or not

* feat: check the `autoRefreshOnNetworkChange` before a refresh

* fix linting error

* fix: use `window.ethereum` now `web3.ethereum`
2019-03-21 12:42:23 -07:00
Paul Bouchon
2f7d449427 EIP-1193: standard provider API (#6170)
* EIP-1193: Implement new provider API

* EIP-1193: Updated implementation

* Remove test file

* Fix tests

* Update ping check

* Update logic

* PR feedback
2019-02-19 16:42:08 -08:00
Graham Kaemmer
89c4353408 Fix inpage.js event handler memory leak (#6177)
Fixes #6176
2019-02-18 16:07:58 -05:00
Whymarrh Whitby
f5eb1512d4 Fix all "var used instead of let or const" problems in inpage.js 2019-02-12 10:36:15 -03:30
Paul Bouchon
7fe37276a1
1102: Push publicConfigStore to next turn to avoid race conditiono (#5777) 2018-11-18 07:23:04 -05:00
Whymarrh Whitby
1988e1e96b ESLint fixes (#5775)
* eslint . --fix

* Upgrade all ESLint warnings to errors
2018-11-16 14:54:55 -10:00
Paul Bouchon
c317624854 EIP-1102: Update publicConfig store concurrently with approval 2018-11-09 18:21:59 -08:00
Noah I
8bed073f20 1102: Fix inpage listener syntax (#5708) (#5709) 2018-11-09 07:14:32 -05:00
bitpshr
718393f89a Cleanup 2018-11-07 08:47:25 -08:00
bitpshr
a224b71837 1102: use postMessage instead of injected scripts to bypass CSP 2018-11-07 08:47:25 -08:00
bitpshr
1ce3591c8e wip 2018-11-07 08:47:25 -08:00
bitpshr
b3f428fd1f Move experimental provider augmentation 2018-11-05 15:07:09 -08:00
bitpshr
879997af51 Add experimental RPC method support 2018-11-05 15:07:09 -08:00
bitpshr
9984f7edeb Mark origins as unapproved if user explicitly locks MetaMask 2018-11-05 15:07:09 -08:00
bitpshr
991e08e346 isApproved should return false 2018-11-05 15:07:09 -08:00
bitpshr
72730b3929 Remove internal listeners 2018-11-05 15:07:09 -08:00
bitpshr
cc27a09a1a rebase 2018-11-05 15:07:09 -08:00
bitpshr
d4171ccea5 Disable approval caching 2018-11-05 15:07:09 -08:00
bitpshr
cc1bab6ebb Differentiate locked and enabled 2018-11-05 15:07:09 -08:00
bitpshr
d7618bd5c6 Code bath 2018-11-05 15:07:09 -08:00
bitpshr
ba40fcbcb4 Handle logout gracefully 2018-11-05 15:07:09 -08:00
bitpshr
f35466a247 Fix race condition with publicConfigStore 2018-11-05 15:07:09 -08:00
bitpshr
32630b68df Move convenience methods to _metamask namespace 2018-11-05 15:07:09 -08:00
bitpshr
84874a639d Add isUnlocked provider hook 2018-11-05 15:07:09 -08:00
bitpshr
573139b935 Differentiate isEnabled and isApproved hook 2018-11-05 15:07:09 -08:00
bitpshr
3a2ade4e84 Update isEnabled check 2018-11-05 15:07:09 -08:00