Check per-address permissions before broadcasting accountsChanged

When the active address changes, each tab now receives either the new address (if permitted) or an empty array (if not). This prevents dapps from seeing an address they have no permission for, which caused them to break.
2026-02-26 03:57:23 +07:00
parent 980fdda694
commit be347155e8
1 changed files with 10 additions and 3 deletions
--- a/src/background/index.js
+++ b/src/background/index.js
@@ -330,18 +330,25 @@ async function handleRpc(method, params, origin) {
    return { error: { message: "Unsupported method: " + method } };
 }

-// Broadcast accountsChanged to all tabs
+// Broadcast accountsChanged to all tabs, respecting per-address permissions
 async function broadcastAccountsChanged() {
+    const s = await getState();
    const activeAddress = await getActiveAddress();
-    const accounts = activeAddress ? [activeAddress] : [];
+    const allowed = activeAddress ? s.allowedSites[activeAddress] || [] : [];
    tabsApi.query({}, (tabs) => {
        for (const tab of tabs) {
+            const origin = tab.url ? new URL(tab.url).origin : "";
+            const hostname = extractHostname(origin);
+            const hasPermission =
+                activeAddress &&
+                (allowed.includes(hostname) ||
+                    connectedSites[origin + ":" + activeAddress]);
            tabsApi.sendMessage(
                tab.id,
                {
                    type: "AUTISTMASK_EVENT",
                    eventName: "accountsChanged",
-                    data: accounts,
+                    data: hasPermission ? [activeAddress] : [],
                },
                () => {
                    // Ignore errors for tabs without content script