Merge pull request #3590 from SaptakS/feature/whitelist

Inject Script: Blacklist domains where not to inject script
feature/default_network_editable
Dan Finlay 7 years ago committed by GitHub
commit 3bc8493166
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 17
      app/scripts/contentscript.js

@ -96,7 +96,8 @@ function logStreamDisconnectWarning (remoteLabel, err) {
} }
function shouldInjectWeb3 () { function shouldInjectWeb3 () {
return doctypeCheck() && suffixCheck() && documentElementCheck() return doctypeCheck() && suffixCheck()
&& documentElementCheck() && !blacklistedDomainCheck()
} }
function doctypeCheck () { function doctypeCheck () {
@ -129,6 +130,20 @@ function documentElementCheck () {
return true return true
} }
function blacklistedDomainCheck () {
var blacklistedDomains = ['uscourts.gov', 'dropbox.com']
var currentUrl = window.location.href
var currentRegex
for (let i = 0; i < blacklistedDomains.length; i++) {
const blacklistedDomain = blacklistedDomains[i].replace('.', '\\.')
currentRegex = new RegExp(`(?:https?:\\/\\/)(?:(?!${blacklistedDomain}).)*$`)
if (!currentRegex.test(currentUrl)) {
return true
}
}
return false
}
function redirectToPhishingWarning () { function redirectToPhishingWarning () {
console.log('MetaMask - redirecting to phishing warning') console.log('MetaMask - redirecting to phishing warning')
window.location.href = 'https://metamask.io/phishing.html' window.location.href = 'https://metamask.io/phishing.html'

Loading…
Cancel
Save