* Omit MetaMask `extensionId` from site metadata
The site metadata was updated in #7218 to include the extension id of
the extension connecting to MetaMask. This was done to allow external
extensions to connect with MetaMask, so that we could show the id on
the provider approval screen.
Unbeknownst to me at the time, the extension id was being set for all
connections to MetaMask from dapps. The id was set to MetaMask's id,
because the connections are made through MetaMask's contentscript.
This has been updated to only set the id when accepting a connection
from a different extension.
* Fix `siteMetadata` property names
In #7218 a few things were added to the site metadata, so the provider
approval controller was middleware was updated to accept the site
metadata as an object rather than accepting each property as a separate
parameter. Unfortunately we failed to notice that the site name and
icon were named differently in the site metadata than they were in the
provider approval controller, so the names of those properties were
unintentionally changed in the controller state.
The provider approval controller has been updated to restore the
original property names of `siteTitle` and `siteIcon`. An unused prop
that was added to the provider approval page in #7218 has also been
removed.
If the extension ID is set, an alternate title and subtitle are used
for the Connect Request screen. The title is always `External
Extension`, and the subtitle is `Extension ID: [id]` instead of the
origin (which would just be `[extension-scheme]://[id]` anyway).
The hostname for the site is used as a fallback in case it has no
title.
The artificial hostname set for internal connections has been renamed
from 'MetaMask' to 'metamask' because URL objects automatically
normalize hostnames to be all lower-case, and it was more convenient to
use a URL object so that the parameter would be the same type as used
for an untrusted connection.
* Start refactor
* Use import syntax
* Add create-account.component
* Continue refactor
* Add new line
* Start using JSX and make tabs a bit more DRY
* 👋 bye-bye hyperscript
* These can be disabled when active
* Start JSX in new account component
* 👋 bye-bye hyperscript
* Move newAccountNumber into container
* Validate newAccountNumber prop
* Begin mocking out retry ui
* Remove "Failed"
* I guess this works?
* Update corresponding test
* wip
* Ok, this appears to be working now
* cleanup
* Move this back to 3
* I don't think I need this
* Rename showRetry to showSpeedUp
* Address PR feedback
* Remove notes
* Rename shouldShowRetry -> shouldShowSpeedUp
* oops
* Add a delay after connecting
This addresses an intermittent test failure where the MetaMask
Notification window cannot be found. It appears to be caused by the
Send button being clicked too soon after connecting to a dapp, before
the background has had a chance to process the approval. The premature
send is ignored and the window never appears.
This delay (2 seconds) should be sufficient time for the connection to
be processed. A later 5-second delay was also reduced to 2 seconds.
* Select onboarding buttons by button text
The onboarding buttons were being selected using the classname, which
was common to all onboarding buttons. This resulting in buttons being
selected just before a page transition, leading to an error about
the element reference being stale when a click was attempted.
The CSS class selectors have been replaced by text selectors, which
are more specific and shouldn't be at risk of resolving early. They're
also easier to read.
* Remove retypeSeedPhrase function
This function was used to re-type the seed phrase in the event that a
failure occurred when confirming the seed phrase. I'm not sure what
failure this was meant to address exactly, but this contingency hasn't
been needed for some time. We can tell that it hasn't been used because
it wasn't updated for the incremental account security changes, so it
couldn't have worked since then (it would have clicked the wrong
button).
* Use `AdvancedGasInputs` in `AdvancedTabContent`
The `AdvancedGasInputs` component was originally extracted from the
`AdvancedTabContent` component, duplicating much of the rendering
logic. They have since evolved separately, with bugs being fixed in one
place but not the other.
The inputs and outputs expected weren't exactly the same, as the
`AdvancedGasInputs` component converts the input custom gas price and
limit, and it converts them both in the setter methods as well.
The `GasModalPageContainer` had to be adjusted to avoid converting
these values multiple times.
Both components dealt with input debouncing separately, both in less
than ideal ways. `AdvancedTabContent` didn't debounce either field, but
it did debounce the check for whether the gas limit field was below the
minimum value. So if a less-than-minimum value was set, it would be
propogated upwards and could be saved if the user clicked 'Save'
quickly enough. After a second delay it would snap back to the minimum
value. The `AdvancedGasInputs` component debounced both fields, but
it would replace any gas limit below the minimum with the minimum
value. This led to a problem where a brief pause during typing would
reset the field to 21000.
The `AdvancedGasInputs` approach was chosen, except that it was
updated to no longer change the gas limit if it was below the minimum.
Instead it displays an error. Parent components were checked to ensure
they would detect the error case of the gas limit being set too low,
and prevent the form submission in those cases. Of the three parents,
one had already dealt with it correctly, one needed to convert the
gas limit from hex first, and another needed the gas limit check added.
Closes#6872
* Cleanup send components
Empty README files have been removed, and a mistake in the index file
for the send page has been corrected. The Gas Slider component class
name was updated as well; it looks like it was originally created from
`AdvancedTabContent`, so it still had that class name.
Security advisory: https://www.npmjs.com/advisories/1184
This advisory was already addressed in #7289 but subsequent releases
have made this simpler resolution possible.
This simplifies the logic of signing and improves security:
- Private keys are never moved to the base controller.
- Hardware wallets are abstracted in the same way as local keys.
This also paves the way for allowing even more modular accounts,
provided by plugins:
https://github.com/MetaMask/metamask-plugin-beta/pull/63Fixes#7075.
Security advisory: https://www.npmjs.com/advisories/1184
The package `pac-proxy-agent` (which we use via `pubnub`) hasn't
released an update yet, so we're forced to use a resolution for the
time being. The updated version appears to be compatible.
Security advisory: https://www.npmjs.com/advisories/1184
The package `pac-proxy-agent` (which we use via `pubnub`) hasn't
released an update yet, so we're forced to use a resolution for the
time being. The updated version appears to be compatible.