Mark origins as unapproved if user explicitly locks MetaMask

app/scripts/controllers/provider-approval.js

@@ -49,7 +49,8 @@ class ProviderApprovalController {
    */
   _handleProviderRequest (origin) {
     this.store.updateState({ providerRequests: [{ origin }] })
-    if (this.isApproved(origin) && this.caching) {
+    const isUnlocked = this.keyringController.memStore.getState().isUnlocked
+    if (this.isApproved(origin) && this.caching && isUnlocked) {
       this.approveProviderRequest(origin)
       return
     }
@@ -128,8 +129,9 @@ class ProviderApprovalController {
    * @returns {boolean} - True if the origin has been approved
    */
   isApproved (origin) {
+    const isUnlocked = this.keyringController.memStore.getState().isUnlocked
     const privacyMode = this.preferencesController.getFeatureFlags().privacyMode
-    return !privacyMode || this.approvedOrigins[origin]
+    return !privacyMode || (isUnlocked && this.approvedOrigins[origin])
   }
 
   /**

app/scripts/inpage.js

@@ -65,7 +65,7 @@ inpageProvider.enable = function () {
           })
         })
 
-        // wait for the background to update with an accoount
+        // wait for the background to update with an account
         const ethAccounts = new Promise((resolveAccounts, rejectAccounts) => {
           inpageProvider.sendAsync({ method: 'eth_accounts', params: [] }, (error, response) => {
             if (error) {