1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-02 06:07:06 +01:00
Commit Graph

6 Commits

Author SHA1 Message Date
Mark Stacey
cb12cb8f5a
Restore support for Chromium v78 (#17251)
Support has been restored for Chromium v78. Previously the extension
would crash upon startup.

The main incompatibility was the use of ES2020 operators (the optional
chain and nullish coalesce operators) in the libraries
 `@ethereumjs/util` and `superstruct`. This was resolved by transpiling
those libraries.

After fixing that, the extension no longer crashed but the UI refused
to connect. This was because the UI process was not being identified as
an internal process, because the code responsible for checking that was
relying on the `origin` property of `MessageSender` [1] which wasn't
added until Chromium v80. The check has been updated to use the `url`
property instead, which existed in older versions of Chrome.

Lastly, the content security policy was updated to include the default
content security policy alongside the intended modification. Newer
versions of Chrome will merge the configired CSP with the default, but
older versions required it to be explicitly specified. This should not
result in any functional change.

[1]: https://developer.chrome.com/docs/extensions/reference/runtime/#type-MessageSender
2023-01-23 12:36:48 -03:30
Mark Stacey
b0959e221b
Add codefi.network host permission (#17029)
This host permission bypasses cross-origin restrictions for our
internal APIs (see here for details on host permissions and CORs [1]).
This acts as a safeguard, ensuring that if CORs is misconfigured on
these endpoints, everything will still work.

[1]: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/permissions#host_permissions
2022-12-22 09:56:33 -03:30
Mark Stacey
ea947ed1a4
Resolve inconsistency between browsers (#15800)
Resolve an inconsistency between Chrome and Firefox with how the
contentscript runs in an iframe.

This should have no user-facing impact, it's just meant as a safeguard
in case something unintentionally gets included in the contentscript.
2022-09-12 18:35:41 -02:30
Ariella Vu
ae76c365a0
manifest: add https://chainid.network/chains.json (#14810) 2022-06-06 19:13:42 -05:00
Mark Stacey
e6d5af5f9a Merge remote-tracking branch 'origin/develop' into master-sync
* origin/develop: (131 commits)
  Update `protobufjs` and remove obsolete advisory exclusion (#14841)
  Include snap version in pill (#14803)
  Update PULL_REQUEST_TEMPLATE.md (#14790)
  fix: keystone transaction qrcode has no white spacing (#14798)
  Snap notifications integration (#14605)
  Upgrade @metamask/eth-ledger-bridge-keyring (#14799)
  snaps-skunkworks@0.15.0 (#14772)
  Fix proptype errors in network dropdown, tx list item details, and account details modal tests (#14747)
  Ensure transaction type is correctly updated on edit (#14721)
  Add fiat onboarding for AVAX and MATIC through Wyre (#14683)
  Bump @metamask/contract-metadata from 1.33.0 to 1.35.0 (#14791)
  Slight cleanup of constants/transactions, useTransactionDisplayData, and TransactionIcon (#14784)
  Migrate the "estimateGas" API call to "getFees" for STX (#14767)
  Ignore advisory GHSA-wm7h-9275-46v2 (#14789)
  Adding flag for MV3 (#14762)
  Add types to send state (#14740)
  Remove site origin on snap install (#14752)
  Update design tokens library from 1.5 to 1.6 WIP (#14732)
  Enables the "Safe Transaction From" copy for safeTransferFrom transactions (#14769)
  remove draft transaction (#14701)
  ...
2022-06-03 11:53:40 -02:30
Jyoti Puri
25082ae272
Adding flag for MV3 (#14762) 2022-05-26 10:18:23 +05:30