Merge pull request #736 from MetaMask/i735-xmlfix

Prevent injections on XML
feature/default_network_editable
Dan Finlay 8 years ago committed by GitHub
commit 6d4c685636
  1. 1
      CHANGELOG.md
  2. 16
      app/scripts/contentscript.js

@ -2,6 +2,7 @@
## Current Master ## Current Master
- Fix bug where web3 was being injected into XML files.
- Add a custom transaction fee field to send form. - Add a custom transaction fee field to send form.
## 2.13.3 2016-10-4 ## 2.13.3 2016-10-4

@ -69,6 +69,18 @@ function setupStreams(){
} }
function shouldInjectWeb3(){ function shouldInjectWeb3(){
var shouldInject = (window.location.href.indexOf('.pdf') === -1) return isAllowedSuffix(window.location.href)
return shouldInject }
function isAllowedSuffix(testCase) {
var prohibitedTypes = ['xml', 'pdf']
var currentUrl = window.location.href
var currentRegex
for (let i = 0; i < prohibitedTypes.length; i++) {
currentRegex = new RegExp(`\.${prohibitedTypes[i]}$`)
if (currentRegex.test(currentUrl)) {
return false
}
}
return true
} }

Loading…
Cancel
Save