diff options
author | Whymarrh Whitby <whymarrh.whitby@gmail.com> | 2018-10-02 08:00:40 +0800 |
---|---|---|
committer | Whymarrh Whitby <whymarrh.whitby@gmail.com> | 2018-10-02 21:15:39 +0800 |
commit | c92fee7771ee1c12729a5a480d63134722332789 (patch) | |
tree | 1e779fa686bc94fadeaf8ad74f437da35b2106a2 /app/scripts | |
parent | 58d856bd84a06228706fce3d2a13348e25f1a4ae (diff) | |
download | tangerine-wallet-browser-c92fee7771ee1c12729a5a480d63134722332789.tar.gz tangerine-wallet-browser-c92fee7771ee1c12729a5a480d63134722332789.tar.zst tangerine-wallet-browser-c92fee7771ee1c12729a5a480d63134722332789.zip |
Hook MetaMaskController up with phishing detection page
Diffstat (limited to 'app/scripts')
-rw-r--r-- | app/scripts/contentscript.js | 6 | ||||
-rw-r--r-- | app/scripts/phishing-detect.js | 56 |
2 files changed, 60 insertions, 2 deletions
diff --git a/app/scripts/contentscript.js b/app/scripts/contentscript.js index 2cbfb811e..d870741d6 100644 --- a/app/scripts/contentscript.js +++ b/app/scripts/contentscript.js @@ -1,6 +1,7 @@ const fs = require('fs') const path = require('path') const pump = require('pump') +const querystring = require('querystring') const LocalMessageDuplexStream = require('post-message-stream') const PongStream = require('ping-pong-stream/pong') const ObjectMultiplex = require('obj-multiplex') @@ -199,5 +200,8 @@ function blacklistedDomainCheck () { function redirectToPhishingWarning () { console.log('MetaMask - routing to Phishing Warning component') const extensionURL = extension.runtime.getURL('phishing.html') - window.location.href = extensionURL + '#' + window.location.hostname + window.location.href = `${extensionURL}#${querystring.stringify({ + hostname: window.location.hostname, + href: window.location.href, + })}` } diff --git a/app/scripts/phishing-detect.js b/app/scripts/phishing-detect.js index 4168b6618..6baf868c0 100644 --- a/app/scripts/phishing-detect.js +++ b/app/scripts/phishing-detect.js @@ -1,5 +1,59 @@ window.onload = function() { if (window.location.pathname === '/phishing.html') { - document.getElementById('esdbLink').innerHTML = '<b>To read more about this scam, navigate to: <a href="https://etherscamdb.info/domain/' + window.location.hash.substring(1) + '"> https://etherscamdb.info/domain/' + window.location.hash.substring(1) + '</a></b>' + const {hostname} = parseHash() + document.getElementById('esdbLink').innerHTML = '<b>To read more about this scam, navigate to: <a href="https://etherscamdb.info/domain/' + hostname + '"> https://etherscamdb.info/domain/' + hostname + '</a></b>' } } + +const querystring = require('querystring') +const dnode = require('dnode') +const { EventEmitter } = require('events') +const PortStream = require('extension-port-stream') +const extension = require('extensionizer') +const setupMultiplex = require('./lib/stream-utils.js').setupMultiplex +const { getEnvironmentType } = require('./lib/util') +const ExtensionPlatform = require('./platforms/extension') + +document.addEventListener('DOMContentLoaded', start) + +function start () { + const windowType = getEnvironmentType(window.location.href) + + global.platform = new ExtensionPlatform() + global.METAMASK_UI_TYPE = windowType + + const extensionPort = extension.runtime.connect({ name: windowType }) + const connectionStream = new PortStream(extensionPort) + const mx = setupMultiplex(connectionStream) + setupControllerConnection(mx.createStream('controller'), (err, metaMaskController) => { + if (err) { + return + } + + const suspect = parseHash() + const unsafeContinue = () => { + window.location.href = suspect.href + } + const continueLink = document.getElementById('unsafe-continue') + continueLink.addEventListener('click', () => { + metaMaskController.whitelistPhishingDomain(suspect.hostname) + unsafeContinue() + }) + }) +} + +function setupControllerConnection (connectionStream, cb) { + const eventEmitter = new EventEmitter() + const accountManagerDnode = dnode({ + sendUpdate (state) { + eventEmitter.emit('update', state) + }, + }) + connectionStream.pipe(accountManagerDnode).pipe(connectionStream) + accountManagerDnode.once('remote', (accountManager) => cb(null, accountManager)) +} + +function parseHash () { + const hash = window.location.hash.substring(1) + return querystring.parse(hash) +} |