sneak/AutistMask
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Scope site connection permissions per address
Some checks failed
check / check (push) Has been cancelled
Details

Browse Source 
allowedSites and deniedSites are now objects keyed by address instead
of flat arrays, so approving a site for one address no longer grants
access for all addresses. Old flat-array data is discarded on load.
Settings view collects unique hostnames across all addresses and
deleting removes the site from every address.
This commit is contained in:
Jeffrey Paul
2026-02-26 03:54:52 +07:00
parent 21ccecab46
commit 980fdda694
3 changed files with 51 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
src/background/index.js
View File

@@ -19,7 +19,7 @@ const windowsApi =
typeof browser !== "undefined" ? browser.windows : chrome.windows;
const tabsApi = typeof browser !== "undefined" ? browser.tabs : chrome.tabs;
// Connected sites (in-memory, non-persisted): { origin: true }
// Connected sites (in-memory, non-persisted): { "origin:address": true }
const connectedSites = {};
// Pending approval requests: { id: { origin, hostname, resolve } }
@@ -33,8 +33,8 @@ async function getState() {
wallets: [],
rpcUrl: DEFAULT_RPC_URL,
activeAddress: null,
allowedSites: [],
deniedSites: [],
allowedSites: {},
deniedSites: {},
}
);
}
@@ -114,9 +114,11 @@ async function handleConnectionRequest(origin) {
}
const hostname = extractHostname(origin);
const allowed = s.allowedSites[activeAddress] || [];
const denied = s.deniedSites[activeAddress] || [];
// Check denied list
if (s.deniedSites.includes(hostname)) {
if (denied.includes(hostname)) {
return {
error: {
code: 4001,
@@ -126,7 +128,10 @@ async function handleConnectionRequest(origin) {
}
// Check allowed list or in-memory connected
if (s.allowedSites.includes(hostname) || connectedSites[origin]) {
if (
allowed.includes(hostname) ||
connectedSites[origin + ":" + activeAddress]
) {
return { result: [activeAddress] };
}
@@ -137,19 +142,25 @@ async function handleConnectionRequest(origin) {
if (decision.remember) {
// Reload state to get latest, add to allowed, persist
await loadState();
if (!state.allowedSites.includes(hostname)) {
state.allowedSites.push(hostname);
if (!state.allowedSites[activeAddress]) {
state.allowedSites[activeAddress] = [];
}
if (!state.allowedSites[activeAddress].includes(hostname)) {
state.allowedSites[activeAddress].push(hostname);
}
await saveState();
} else {
connectedSites[origin] = true;
connectedSites[origin + ":" + activeAddress] = true;
}
return { result: [activeAddress] };
} else {
if (decision.remember) {
await loadState();
if (!state.deniedSites.includes(hostname)) {
state.deniedSites.push(hostname);
if (!state.deniedSites[activeAddress]) {
state.deniedSites[activeAddress] = [];
}
if (!state.deniedSites[activeAddress].includes(hostname)) {
state.deniedSites[activeAddress].push(hostname);
}
await saveState();
}
@@ -198,7 +209,11 @@ async function handleRpc(method, params, origin) {
const activeAddress = await getActiveAddress();
if (!activeAddress) return { result: [] };
const hostname = extractHostname(origin);
if (s.allowedSites.includes(hostname) || connectedSites[origin]) {
const allowed = s.allowedSites[activeAddress] || [];
if (
allowed.includes(hostname) ||
connectedSites[origin + ":" + activeAddress]
) {
return { result: [activeAddress] };
}
return { result: [] };
@@ -256,8 +271,10 @@ async function handleRpc(method, params, origin) {
const s = await getState();
const activeAddress = await getActiveAddress();
const hostname = extractHostname(origin);
const allowed = s.allowedSites[activeAddress] || [];
const isConnected =
s.allowedSites.includes(hostname) || connectedSites[origin];
allowed.includes(hostname) ||
connectedSites[origin + ":" + activeAddress];
if (!isConnected || !activeAddress) {
return { result: [] };
}