* Add support for one-click onboarding
MetaMask now allows sites to register as onboarding the user, so that
the user is redirected back to the initiating site after onboarding.
This is accomplished through the use of the `metamask-onboarding`
library and the MetaMask forwarder.
At the end of onboarding, a 'snackbar'-stype component will explain to the
user they are about to be moved back to the originating dapp, and it will
show the origin of that dapp. This is intended to help prevent phishing
attempts, as it highlights that a redirect is taking place to an untrusted
third party.
If the onboarding initiator tab is closed when onboarding is finished,
the user is redirected to the onboarding originator as a fallback.
Closes#6161
* Add onboarding button to contract test dapp
The `contract-test` dapp (run with `yarn dapp`, used in e2e tests) now
uses a `Connect` button instead of connecting automatically. This
button also serves as an onboarding button when a MetaMask installation
is not detected.
* Add new static server for test dapp
The `static-server` library we were using for the `contract-test` dapp
didn't allow referencing files outside the server root. This should
have been possible to work around using symlinks, but there was a bug
that resulted in symlinks crashing the server.
Instead it has been replaced with a simple static file server that
will serve paths starting with `node_modules` from the project root.
This will be useful in testing the onboarding library without vendoring
it.
* Add `@metamask/onboarding` and `@metamask/forwarder`
Both libraries used to test onboarding are now included as dev
dependencies, to help with testing. A few convenience scripts
were added to help with this (`yarn forwarder` and `yarn dapp-forwarder`)
* Omit MetaMask `extensionId` from site metadata
The site metadata was updated in #7218 to include the extension id of
the extension connecting to MetaMask. This was done to allow external
extensions to connect with MetaMask, so that we could show the id on
the provider approval screen.
Unbeknownst to me at the time, the extension id was being set for all
connections to MetaMask from dapps. The id was set to MetaMask's id,
because the connections are made through MetaMask's contentscript.
This has been updated to only set the id when accepting a connection
from a different extension.
* Fix `siteMetadata` property names
In #7218 a few things were added to the site metadata, so the provider
approval controller was middleware was updated to accept the site
metadata as an object rather than accepting each property as a separate
parameter. Unfortunately we failed to notice that the site name and
icon were named differently in the site metadata than they were in the
provider approval controller, so the names of those properties were
unintentionally changed in the controller state.
The provider approval controller has been updated to restore the
original property names of `siteTitle` and `siteIcon`. An unused prop
that was added to the provider approval page in #7218 has also been
removed.
* Omit MetaMask `extensionId` from site metadata
The site metadata was updated in #7218 to include the extension id of
the extension connecting to MetaMask. This was done to allow external
extensions to connect with MetaMask, so that we could show the id on
the provider approval screen.
Unbeknownst to me at the time, the extension id was being set for all
connections to MetaMask from dapps. The id was set to MetaMask's id,
because the connections are made through MetaMask's contentscript.
This has been updated to only set the id when accepting a connection
from a different extension.
* Fix `siteMetadata` property names
In #7218 a few things were added to the site metadata, so the provider
approval controller was middleware was updated to accept the site
metadata as an object rather than accepting each property as a separate
parameter. Unfortunately we failed to notice that the site name and
icon were named differently in the site metadata than they were in the
provider approval controller, so the names of those properties were
unintentionally changed in the controller state.
The provider approval controller has been updated to restore the
original property names of `siteTitle` and `siteIcon`. An unused prop
that was added to the provider approval page in #7218 has also been
removed.
If the extension ID is set, an alternate title and subtitle are used
for the Connect Request screen. The title is always `External
Extension`, and the subtitle is `Extension ID: [id]` instead of the
origin (which would just be `[extension-scheme]://[id]` anyway).
The hostname for the site is used as a fallback in case it has no
title.
The artificial hostname set for internal connections has been renamed
from 'MetaMask' to 'metamask' because URL objects automatically
normalize hostnames to be all lower-case, and it was more convenient to
use a URL object so that the parameter would be the same type as used
for an untrusted connection.
* Adds ab test controller with a fullScreenVsPopup test
* Add migration for fullScreenVsPopup state
* Move abtest state under an 'abtests' object.
* MetaMask shows fullScreen group of a/b test unapproved txs in a full browser tab
* Ensure cancel metrics event in confirm-transaction-base.component.js is sent in all cases
* Switch to existing tab for unapproved tx if it exists when opening in full screen
* Send metrics event for entering a/b test from confirm screen
* Fix lint, unit and integration tests related to a/b test code
* Remove unnecessary tabs.query call in triggerUiInNewTab
The disk store has not been written to since MetaMask v4.3.0, as it was
removed in #3083. It was kept around so that anything written to disk
prior to v4.3.0 could still be restored.
It has been a year and a half since that release, so I think it's time
to remove the disk store altogether. The consequences of losing locally
stored data are small anyway - it's an inconvenience at worst.
The AbortController is used in both the background and the UI. Support
for AbortController was added to Chrome in version 66, which is above
our minimum supported version.
I did consider increasing the minimum Chrome version to 66, but we have
a decent number of users still on Chrome 65 unfortunately.
The AbortController is used in both the background and the UI. Support
for AbortController was added to Chrome in version 66, which is above
our minimum supported version.
I did consider increasing the minimum Chrome version to 66, but we have
a decent number of users still on Chrome 65 unfortunately.
* Nix notification for Share Address
* Add Connections settings tab in place of privacy mode toggle
* Split ProviderApprovalController into two stores
* Remove privacyMode feature flag altogether
* Add migration to remove privacyMode feature flag
`seedWords` used to be stored on the metamask state temporarily at
certain points. This hasn't been the case since #5994, but references
to this state remained. All of the logic remained for correctly updating
these `seedWords`, handling them during navigation, and scrubbing them
from the state.
However the state was never updated in practice. The `seedWords` are
still returned by `verifySeedPhrase`, and they're still stored in
component state in a few places. But they aren't ever set in the Redux
metadata state or the Preferences controller.
All references to this state have been removed, along with any logic
for interacting with this state. A few unused actions were removed as
well.
Mark Stacey
Whymarrh Whitby
Erik Marks
Dan J Miller
kumavis
Thomas Huang
Thomas Huang
Chi Kei Chan
Bruno Barbieri
PaddyMc
bitpshr
kumavis
Esteban MIno
Dan Finlay
Jenny Pollack