From ace7cfa065d701b49fb07c4e6f169e7cce545c56 Mon Sep 17 00:00:00 2001
From: bitpshr <mail@bitpshr.net>
Date: Mon, 29 Oct 2018 19:31:06 +0100
Subject: Only filter selectedAddress from publicConfig store

---
 app/scripts/contentscript.js | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'app/scripts')

diff --git a/app/scripts/contentscript.js b/app/scripts/contentscript.js
index bb79e1d4a..aa06068c0 100644
--- a/app/scripts/contentscript.js
+++ b/app/scripts/contentscript.js
@@ -7,6 +7,7 @@ const PongStream = require('ping-pong-stream/pong')
 const ObjectMultiplex = require('obj-multiplex')
 const extension = require('extensionizer')
 const PortStream = require('extension-port-stream')
+const TransformStream = require('stream').Transform
 
 const inpageContent = fs.readFileSync(path.join(__dirname, '..', '..', 'dist', 'chrome', 'inpage.js')).toString()
 const inpageSuffix = '//# sourceURL=' + extension.extension.getURL('inpage.js') + '\n'
@@ -58,18 +59,21 @@ function setupStreams () {
 
   // Until this origin is approved, cut-off publicConfig stream writes at the content
   // script level so malicious sites can't snoop on the currently-selected address
-  pageStream._write = function (data, encoding, cb) {
-    if (typeof data === 'object' && data.name && data.name === 'publicConfig' && !originApproved) {
-      cb()
-      return
+  const approvalTransform = new TransformStream({
+    objectMode: true,
+    transform: (data, _, done) => {
+      if (typeof data === 'object' && data.name && data.name === 'publicConfig' && !originApproved) {
+        data.data.selectedAddress = undefined
+      }
+      done(null, { ...data })
     }
-    LocalMessageDuplexStream.prototype._write.apply(pageStream, arguments)
-  }
+  })
 
   // forward communication plugin->inpage
   pump(
     pageStream,
     pluginStream,
+    approvalTransform,
     pageStream,
     (err) => logStreamDisconnectWarning('MetaMask Contentscript Forwarding', err)
   )
-- 
cgit