mirror of
https://github.com/kremalicious/metamask-extension.git
synced 2024-11-22 09:57:02 +01:00
5b5e5d222f
* skip injection on snaps iframe * escape periods from regex block list These values are used as regex inputs, so plain periods are wild characters, and mean these can be interpreted as more domains than intended. * remove period escaping It's already escaped below. Whoops! Bad AI advice!
94 lines
2.4 KiB
JavaScript
94 lines
2.4 KiB
JavaScript
/**
|
|
* Determines if the provider should be injected
|
|
*
|
|
* @returns {boolean} {@code true} Whether the provider should be injected
|
|
*/
|
|
export default function shouldInjectProvider() {
|
|
return (
|
|
doctypeCheck() &&
|
|
suffixCheck() &&
|
|
documentElementCheck() &&
|
|
!blockedDomainCheck()
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Checks the doctype of the current document if it exists
|
|
*
|
|
* @returns {boolean} {@code true} if the doctype is html or if none exists
|
|
*/
|
|
function doctypeCheck() {
|
|
const { doctype } = window.document;
|
|
if (doctype) {
|
|
return doctype.name === 'html';
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Returns whether or not the extension (suffix) of the current document is prohibited
|
|
*
|
|
* This checks {@code window.location.pathname} against a set of file extensions
|
|
* that we should not inject the provider into. This check is indifferent of
|
|
* query parameters in the location.
|
|
*
|
|
* @returns {boolean} whether or not the extension of the current document is prohibited
|
|
*/
|
|
function suffixCheck() {
|
|
const prohibitedTypes = [/\.xml$/u, /\.pdf$/u];
|
|
const currentUrl = window.location.pathname;
|
|
for (let i = 0; i < prohibitedTypes.length; i++) {
|
|
if (prohibitedTypes[i].test(currentUrl)) {
|
|
return false;
|
|
}
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Checks the documentElement of the current document
|
|
*
|
|
* @returns {boolean} {@code true} if the documentElement is an html node or if none exists
|
|
*/
|
|
function documentElementCheck() {
|
|
const documentElement = document.documentElement.nodeName;
|
|
if (documentElement) {
|
|
return documentElement.toLowerCase() === 'html';
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Checks if the current domain is blocked
|
|
*
|
|
* @returns {boolean} {@code true} if the current domain is blocked
|
|
*/
|
|
function blockedDomainCheck() {
|
|
const blockedDomains = [
|
|
'execution.metamask.io',
|
|
'uscourts.gov',
|
|
'dropbox.com',
|
|
'webbyawards.com',
|
|
'cdn.shopify.com/s/javascripts/tricorder/xtld-read-only-frame.html',
|
|
'adyen.com',
|
|
'gravityforms.com',
|
|
'harbourair.com',
|
|
'ani.gamer.com.tw',
|
|
'blueskybooking.com',
|
|
'sharefile.com',
|
|
];
|
|
const currentUrl = window.location.href;
|
|
let currentRegex;
|
|
for (let i = 0; i < blockedDomains.length; i++) {
|
|
const blockedDomain = blockedDomains[i].replace('.', '\\.');
|
|
currentRegex = new RegExp(
|
|
`(?:https?:\\/\\/)(?:(?!${blockedDomain}).)*$`,
|
|
'u',
|
|
);
|
|
if (!currentRegex.test(currentUrl)) {
|
|
return true;
|
|
}
|
|
}
|
|
return false;
|
|
}
|