Merge pull request #1838 from MetaMask/i1805-LiveBlacklistUpdating
Live blacklist updatingfeature/default_network_editable
commit
d15e402ed8
@ -0,0 +1,38 @@ |
|||||||
|
const levenshtein = require('fast-levenshtein') |
||||||
|
const blacklistedMetaMaskDomains = ['metamask.com'] |
||||||
|
let blacklistedDomains = require('etheraddresslookup/blacklists/domains.json').concat(blacklistedMetaMaskDomains) |
||||||
|
const whitelistedMetaMaskDomains = ['metamask.io', 'www.metamask.io'] |
||||||
|
const whitelistedDomains = require('etheraddresslookup/whitelists/domains.json').concat(whitelistedMetaMaskDomains) |
||||||
|
const LEVENSHTEIN_TOLERANCE = 4 |
||||||
|
const LEVENSHTEIN_CHECKS = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'metamask'] |
||||||
|
|
||||||
|
|
||||||
|
// credit to @sogoiii and @409H for their help!
|
||||||
|
// Return a boolean on whether or not a phish is detected.
|
||||||
|
function isPhish({ hostname, updatedBlacklist = null }) { |
||||||
|
var strCurrentTab = hostname |
||||||
|
|
||||||
|
// check if the domain is part of the whitelist.
|
||||||
|
if (whitelistedDomains && whitelistedDomains.includes(strCurrentTab)) { return false } |
||||||
|
|
||||||
|
// Allow updating of blacklist:
|
||||||
|
if (updatedBlacklist) { |
||||||
|
blacklistedDomains = blacklistedDomains.concat(updatedBlacklist) |
||||||
|
} |
||||||
|
|
||||||
|
// check if the domain is part of the blacklist.
|
||||||
|
const isBlacklisted = blacklistedDomains && blacklistedDomains.includes(strCurrentTab) |
||||||
|
|
||||||
|
// check for similar values.
|
||||||
|
let levenshteinMatched = false |
||||||
|
var levenshteinForm = strCurrentTab.replace(/\./g, '') |
||||||
|
LEVENSHTEIN_CHECKS.forEach((element) => { |
||||||
|
if (levenshtein.get(element, levenshteinForm) <= LEVENSHTEIN_TOLERANCE) { |
||||||
|
levenshteinMatched = true |
||||||
|
} |
||||||
|
}) |
||||||
|
|
||||||
|
return isBlacklisted || levenshteinMatched |
||||||
|
} |
||||||
|
|
||||||
|
module.exports = isPhish |
@ -1,24 +1,24 @@ |
|||||||
const assert = require('assert') |
const assert = require('assert') |
||||||
const Blacklister = require('../../app/scripts/blacklister') |
const isPhish = require('../../app/scripts/lib/is-phish') |
||||||
|
|
||||||
|
|
||||||
describe('blacklister', function () { |
describe('blacklister', function () { |
||||||
describe('#isPhish', function () { |
describe('#isPhish', function () { |
||||||
it('should not flag whitelisted values', function () { |
it('should not flag whitelisted values', function () { |
||||||
var result = Blacklister('www.metamask.io') |
var result = isPhish({ hostname: 'www.metamask.io' }) |
||||||
assert(!result) |
assert(!result) |
||||||
}) |
}) |
||||||
it('should flag explicit values', function () { |
it('should flag explicit values', function () { |
||||||
var result = Blacklister('metamask.com') |
var result = isPhish({ hostname: 'metamask.com' }) |
||||||
assert(result) |
assert(result) |
||||||
}) |
}) |
||||||
it('should flag levenshtein values', function () { |
it('should flag levenshtein values', function () { |
||||||
var result = Blacklister('metmask.io') |
var result = isPhish({ hostname: 'metmask.com' }) |
||||||
assert(result) |
assert(result) |
||||||
}) |
}) |
||||||
it('should not flag not-even-close values', function () { |
it('should not flag not-even-close values', function () { |
||||||
var result = Blacklister('example.com') |
var result = isPhish({ hostname: 'example.com' }) |
||||||
assert(!result) |
assert(!result) |
||||||
}) |
}) |
||||||
}) |
}) |
||||||
}) |
}) |
||||||
|
|
||||||
|
Loading…
Reference in new issue