1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-29 23:58:06 +01:00
Commit Graph

22 Commits

Author SHA1 Message Date
kumavis
f9ea9e4b43
lockdown - breakout making globalThis properties non-writable (#12258)
* lockdown - breakout making globalThis properties non-writable into lockdown-more.js

* Update app/scripts/lockdown-more.js

Co-authored-by: David Walsh <davidwalsh83@gmail.com>

* Update app/scripts/lockdown-more.js

Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>

Co-authored-by: David Walsh <davidwalsh83@gmail.com>
Co-authored-by: Erik Marks <25517051+rekmarks@users.noreply.github.com>
2021-10-01 08:53:12 -10:00
ryanml
fe59cbfe66
Autofilling new issue link with url and domain (Phishing detect page) (#12000) 2021-09-03 11:22:28 -07:00
kumavis
9f4820ee98
Build - refactor for bundle factoring and swappable runtime (#11080)
* wip

* build - breakout sentry-install bundle

* deps - move new build sys deps to published versions

* chore: lint fix

* clean - remove unused file

* clean - remove unsused package script

* lavamoat - update build system policy

* build - render html to all platforms

* development - improve sourcemap debugger output

* deps - update lavapack

* lint - fix

* deps - update lavapack for bugfix

* deps - update lavapack for bugfix

* deps - bump lavapack for line ending normalization

* sourcemap explorer - disable boundary validation

* ci - reset normal ci flow

* build - re-enable minification on prod

* build - remove noisy log about html dest

* build - update terser and remove gulp wrapper for sourcemap fix

* Revert "sourcemap explorer - disable boundary validation"

This reverts commit 94112209ed880a6ebf4ee2ded411e59db6908162.

* build - reenable react-devtools in dev mode

* wip

* build - breakout sentry-install bundle

* deps - move new build sys deps to published versions

* chore: lint fix

* clean - remove unused file

* clean - remove unsused package script

* lavamoat - update build system policy

* build - render html to all platforms

* development - improve sourcemap debugger output

* deps - update lavapack

* lint - fix

* deps - update lavapack for bugfix

* deps - update lavapack for bugfix

* deps - bump lavapack for line ending normalization

* sourcemap explorer - disable boundary validation

* ci - reset normal ci flow

* build - re-enable minification on prod

* build - remove noisy log about html dest

* build - update terser and remove gulp wrapper for sourcemap fix

* Revert "sourcemap explorer - disable boundary validation"

This reverts commit 94112209ed880a6ebf4ee2ded411e59db6908162.

* build - reenable react-devtools in dev mode

* Updating lockfile

* lint fix

* build/dev - patch watchifys incompatible binary stats output

* ui - add comment about conditional import

* build - improve comment

* Update development/stream-flat-map.js

Co-authored-by: Brad Decker <git@braddecker.dev>

* Outputting all bundle file links (metamaskbot)

Co-authored-by: ryanml <ryanlanese@gmail.com>
Co-authored-by: Brad Decker <git@braddecker.dev>
2021-07-15 10:59:34 -07:00
Mark Stacey
f386e4ce4b
Rename lockdown.cjs to lockdown.js (#10026)
When you load an extension `.zip` file in Firefox, it fails to load
scripts with the `.cjs` file extension. However, it works if you load
the extension via the `manifest.json` file instead.

After renaming the `lockdown.cjs` file to `lockdown.js`, it works in
Firefox in all cases, regardless whether it's loaded by manifest or by
`.zip`.
2020-12-09 12:04:11 -03:30
Mark Stacey
d13aabde23
Fix SES lockdown on older browsers (#10014)
On older browsers that don't support `globalThis`[1], the SES lockdown
throws an error. The `globalthis` shim has been added to all pages, to
the background process, and to the `contentscript`. This should prevent
the error on older browsers.

[1]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/globalThis#Browser_compatibility
2020-12-08 15:08:31 -03:30
Etienne Dusseault
9f6fa64d67
Add SES lockdown to extension webapp (#9729)
* Freezeglobals: remove Promise freezing, add lockdown

* background & UI: temp disable sentry

* add loose-envify, dedupe symbol-observable

* use loose envify

* add symbol-observable patch

* run freezeGlobals after sentry init

* use require instead of import

* add lockdown to contentscript

* add error code in message

* try increasing node env heap size to 2048

* change back circe CI option

* make freezeGlobals an exported function

* make freezeGlobals an exported function

* use freezeIntrinsics

* pass down env to child process

* fix unknown module

* fix tests

* change back to 2048

* fix import error

* attempt to fix memory error

* fix lint

* fix lint

* fix mem gain

* use lockdown in phishing detect

* fix lint

* move sentry init into freezeIntrinsics to run lockdown before other imports

* lint fix

* custom lockdown modules per context

* lint fix

* fix global test

* remove run in child process

* remove lavamoat-core, use ses, require lockdown directly

* revert childprocess

* patch package postinstall

* revert back child process

* add postinstall to ci

* revert node max space size to 1024

* put back loose-envify

* Disable sentry to see if e2e tetss pass

* use runLockdown, add as script in manifest

* remove global and require from runlockdown

* add more memory to tests

* upgrade resource class for prep-build & prep-build-test

* fix lint

* lint fix

* upgrade remote-redux-devtools

* skillfully re-add sentry

* lintfix

* fix lint

* put back beep

* remove envify, add loose-envify and patch-package in dev deps

* Replace patch with Yarn resolution (#9923)

Instead of patching `symbol-observable`, this ensures that all
versions of `symbol-observable` are resolved to the given range, even
if it contradicts the requested range.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-11-24 11:26:43 +08:00
Mark Stacey
3fb40c9c75
Use main style bundle for phishing page (#8255)
The phishing detection page had been using a separate stylesheet from
the rest of MetaMask. This stylesheet (`app/fonts/index.css`) was just
responsible for importing all fonts.

The phishing page now uses the same stylesheet as the rest of MetaMask.
The old stylesheet has been removed, leaving us with one less thing we
need to maintain as fonts are changed. We may want to revisit this
later to optimize performance by reducing the size of this CSS bundle
to the minimal set of styles required, but the impact is tiny in
practice, and not especially important in this situation.
2020-03-30 19:44:46 -03:00
Alice Henshaw
d6009bbfb7
Updating deprecated Etherscam link (#7464)
Co-authored-by: Whymarrh Whitby <whymarrh.whitby@gmail.com>
2020-02-03 16:45:53 -03:30
Whymarrh Whitby
59a5f550e4 Update design of phishing warning screen 2019-02-05 13:18:24 -03:30
Paul Chonpimai
9de32722b8 fix typo in phishing.html title 2019-01-03 14:31:53 +07:00
Dan Finlay
4935c31711 Update phishing warning copy
Per advice of legal counsel.
2018-12-03 09:55:02 -08:00
Whymarrh Whitby
5539494a5e Style links on phishing page with an underline 2018-10-02 10:45:39 -02:30
Whymarrh Whitby
24ab1f5d60 Style links on phishing page with cursor: pointer; 2018-10-02 10:45:39 -02:30
Whymarrh Whitby
343ae7c143 Update title and copy of phishing warning page 2018-10-02 10:43:46 -02:30
Thomas Huang
8c3091aa7a
Merge pull request #5053 from hahnmichaelf/esdb-support
Link to ESDB in local phishing.html
2018-09-27 10:19:06 -05:00
Dan Finlay
d493ec6dc4 Remove EAL google analytics link. (#5081)
Harry said he's not using this for Ether-Address-Lookup anymore, so removing it.
2018-09-20 12:29:03 -02:30
hahnmichaelf
e454a5e0e8 fixed names 2018-08-13 12:56:35 -04:00
hahnmichaelf
8fb2dfe3d7 Re-added GA script 2018-08-13 12:47:18 -04:00
hahnmichaelf
7d2d71bcbc change name 2018-08-13 12:40:16 -04:00
hahnmichaelf
9666eaba66 base - working. fixes #4774 2018-08-12 18:57:58 -04:00
Thomas
d1734b8d7c Update Phishing Html 2018-07-27 14:10:18 -07:00
Kelvin Tan
7ca402147d add phishing html page, and redirect to bundled page in-window 2018-07-27 00:03:39 +08:00