Check per-address permissions before broadcasting accountsChanged
Some checks failed
check / check (push) Has been cancelled
Some checks failed
check / check (push) Has been cancelled
When the active address changes, each tab now receives either the new address (if permitted) or an empty array (if not). This prevents dapps from seeing an address they have no permission for, which caused them to break.
This commit is contained in:
@@ -330,18 +330,25 @@ async function handleRpc(method, params, origin) {
|
||||
return { error: { message: "Unsupported method: " + method } };
|
||||
}
|
||||
|
||||
// Broadcast accountsChanged to all tabs
|
||||
// Broadcast accountsChanged to all tabs, respecting per-address permissions
|
||||
async function broadcastAccountsChanged() {
|
||||
const s = await getState();
|
||||
const activeAddress = await getActiveAddress();
|
||||
const accounts = activeAddress ? [activeAddress] : [];
|
||||
const allowed = activeAddress ? s.allowedSites[activeAddress] || [] : [];
|
||||
tabsApi.query({}, (tabs) => {
|
||||
for (const tab of tabs) {
|
||||
const origin = tab.url ? new URL(tab.url).origin : "";
|
||||
const hostname = extractHostname(origin);
|
||||
const hasPermission =
|
||||
activeAddress &&
|
||||
(allowed.includes(hostname) ||
|
||||
connectedSites[origin + ":" + activeAddress]);
|
||||
tabsApi.sendMessage(
|
||||
tab.id,
|
||||
{
|
||||
type: "AUTISTMASK_EVENT",
|
||||
eventName: "accountsChanged",
|
||||
data: accounts,
|
||||
data: hasPermission ? [activeAddress] : [],
|
||||
},
|
||||
() => {
|
||||
// Ignore errors for tabs without content script
|
||||
|
||||
Reference in New Issue
Block a user