From 4dd6c8168f3dbec5a0e910069a4a29a640e39942 Mon Sep 17 00:00:00 2001
From: Whymarrh Whitby <whymarrh.whitby@gmail.com>
Date: Mon, 1 Oct 2018 20:28:46 -0230
Subject: [PATCH] Add ability to whitelist a blacklisted domain at runtime

---
 app/scripts/controllers/blacklist.js          | 22 +++++++++++++++++++
 .../controllers/blacklist-controller-test.js  | 15 +++++++++++++
 2 files changed, 37 insertions(+)

diff --git a/app/scripts/controllers/blacklist.js b/app/scripts/controllers/blacklist.js
index 1d2191433..89c7cc888 100644
--- a/app/scripts/controllers/blacklist.js
+++ b/app/scripts/controllers/blacklist.js
@@ -29,6 +29,7 @@ class BlacklistController {
   constructor (opts = {}) {
     const initState = extend({
       phishing: PHISHING_DETECTION_CONFIG,
+      whitelist: [],
     }, opts.initState)
     this.store = new ObservableStore(initState)
     // phishing detector
@@ -38,6 +39,21 @@ class BlacklistController {
     this._phishingUpdateIntervalRef = null
   }
 
+  /**
+   * Adds the given hostname to the runtime whitelist
+   * @param {string} hostname the hostname to whitelist
+   */
+  whitelistDomain (hostname) {
+    if (!hostname) {
+      return
+    }
+
+    const { whitelist } = this.store.getState()
+    this.store.updateState({
+      whitelist: [...new Set([hostname, ...whitelist])],
+    })
+  }
+
   /**
    * Given a url, returns the result of checking if that url is in the store.phishing blacklist
    *
@@ -48,6 +64,12 @@ class BlacklistController {
    */
   checkForPhishing (hostname) {
     if (!hostname) return false
+
+    const { whitelist } = this.store.getState()
+    if (whitelist.some((e) => e === hostname)) {
+      return false
+    }
+
     const { result } = this._phishingDetector.check(hostname)
     return result
   }
diff --git a/test/unit/app/controllers/blacklist-controller-test.js b/test/unit/app/controllers/blacklist-controller-test.js
index 085641777..7a14c02cc 100644
--- a/test/unit/app/controllers/blacklist-controller-test.js
+++ b/test/unit/app/controllers/blacklist-controller-test.js
@@ -8,6 +8,16 @@ describe('blacklist controller', function () {
     blacklistController = new BlacklistController()
   })
 
+  describe('whitelistDomain', function () {
+    it('should add hostname to the runtime whitelist', function () {
+      blacklistController.whitelistDomain('foo.com')
+      assert.deepEqual(blacklistController.store.getState().whitelist, ['foo.com'])
+
+      blacklistController.whitelistDomain('bar.com')
+      assert.deepEqual(blacklistController.store.getState().whitelist, ['bar.com', 'foo.com'])
+    })
+  })
+
   describe('checkForPhishing', function () {
     it('should not flag whitelisted values', function () {
       const result = blacklistController.checkForPhishing('www.metamask.io')
@@ -37,5 +47,10 @@ describe('blacklist controller', function () {
       const result = blacklistController.checkForPhishing('zero-faucet.metamask.io')
       assert.equal(result, false)
     })
+    it('should not flag whitelisted domain', function () {
+      blacklistController.whitelistDomain('metamask.com')
+      const result = blacklistController.checkForPhishing('metamask.com')
+      assert.equal(result, false)
+    })
   })
 })