aboutsummaryrefslogtreecommitdiffstats
path: root/app/scripts
diff options
context:
space:
mode:
authorWhymarrh Whitby <whymarrh.whitby@gmail.com>2018-10-02 08:00:40 +0800
committerWhymarrh Whitby <whymarrh.whitby@gmail.com>2018-10-02 21:15:39 +0800
commitc92fee7771ee1c12729a5a480d63134722332789 (patch)
tree1e779fa686bc94fadeaf8ad74f437da35b2106a2 /app/scripts
parent58d856bd84a06228706fce3d2a13348e25f1a4ae (diff)
downloadtangerine-wallet-browser-c92fee7771ee1c12729a5a480d63134722332789.tar.gz
tangerine-wallet-browser-c92fee7771ee1c12729a5a480d63134722332789.tar.zst
tangerine-wallet-browser-c92fee7771ee1c12729a5a480d63134722332789.zip
Hook MetaMaskController up with phishing detection page
Diffstat (limited to 'app/scripts')
-rw-r--r--app/scripts/contentscript.js6
-rw-r--r--app/scripts/phishing-detect.js56
2 files changed, 60 insertions, 2 deletions
diff --git a/app/scripts/contentscript.js b/app/scripts/contentscript.js
index 2cbfb811e..d870741d6 100644
--- a/app/scripts/contentscript.js
+++ b/app/scripts/contentscript.js
@@ -1,6 +1,7 @@
const fs = require('fs')
const path = require('path')
const pump = require('pump')
+const querystring = require('querystring')
const LocalMessageDuplexStream = require('post-message-stream')
const PongStream = require('ping-pong-stream/pong')
const ObjectMultiplex = require('obj-multiplex')
@@ -199,5 +200,8 @@ function blacklistedDomainCheck () {
function redirectToPhishingWarning () {
console.log('MetaMask - routing to Phishing Warning component')
const extensionURL = extension.runtime.getURL('phishing.html')
- window.location.href = extensionURL + '#' + window.location.hostname
+ window.location.href = `${extensionURL}#${querystring.stringify({
+ hostname: window.location.hostname,
+ href: window.location.href,
+ })}`
}
diff --git a/app/scripts/phishing-detect.js b/app/scripts/phishing-detect.js
index 4168b6618..6baf868c0 100644
--- a/app/scripts/phishing-detect.js
+++ b/app/scripts/phishing-detect.js
@@ -1,5 +1,59 @@
window.onload = function() {
if (window.location.pathname === '/phishing.html') {
- document.getElementById('esdbLink').innerHTML = '<b>To read more about this scam, navigate to: <a href="https://etherscamdb.info/domain/' + window.location.hash.substring(1) + '"> https://etherscamdb.info/domain/' + window.location.hash.substring(1) + '</a></b>'
+ const {hostname} = parseHash()
+ document.getElementById('esdbLink').innerHTML = '<b>To read more about this scam, navigate to: <a href="https://etherscamdb.info/domain/' + hostname + '"> https://etherscamdb.info/domain/' + hostname + '</a></b>'
}
}
+
+const querystring = require('querystring')
+const dnode = require('dnode')
+const { EventEmitter } = require('events')
+const PortStream = require('extension-port-stream')
+const extension = require('extensionizer')
+const setupMultiplex = require('./lib/stream-utils.js').setupMultiplex
+const { getEnvironmentType } = require('./lib/util')
+const ExtensionPlatform = require('./platforms/extension')
+
+document.addEventListener('DOMContentLoaded', start)
+
+function start () {
+ const windowType = getEnvironmentType(window.location.href)
+
+ global.platform = new ExtensionPlatform()
+ global.METAMASK_UI_TYPE = windowType
+
+ const extensionPort = extension.runtime.connect({ name: windowType })
+ const connectionStream = new PortStream(extensionPort)
+ const mx = setupMultiplex(connectionStream)
+ setupControllerConnection(mx.createStream('controller'), (err, metaMaskController) => {
+ if (err) {
+ return
+ }
+
+ const suspect = parseHash()
+ const unsafeContinue = () => {
+ window.location.href = suspect.href
+ }
+ const continueLink = document.getElementById('unsafe-continue')
+ continueLink.addEventListener('click', () => {
+ metaMaskController.whitelistPhishingDomain(suspect.hostname)
+ unsafeContinue()
+ })
+ })
+}
+
+function setupControllerConnection (connectionStream, cb) {
+ const eventEmitter = new EventEmitter()
+ const accountManagerDnode = dnode({
+ sendUpdate (state) {
+ eventEmitter.emit('update', state)
+ },
+ })
+ connectionStream.pipe(accountManagerDnode).pipe(connectionStream)
+ accountManagerDnode.once('remote', (accountManager) => cb(null, accountManager))
+}
+
+function parseHash () {
+ const hash = window.location.hash.substring(1)
+ return querystring.parse(hash)
+}