Skip to content

Commit

Permalink
don't add permissions middleware to trusted connections
Browse files Browse the repository at this point in the history
  • Loading branch information
rekmarks committed May 29, 2020
1 parent 88bed71 commit c2a6b9d
Showing 2 changed files with 11 additions and 6 deletions.
11 changes: 7 additions & 4 deletions app/scripts/metamask-controller.js
Original file line number Diff line number Diff line change
@@ -1548,7 +1548,7 @@ export default class MetamaskController extends EventEmitter {
tabId = sender.tab.id
}

const engine = this.setupProviderEngine({ origin, location: sender.url, extensionId, tabId })
const engine = this.setupProviderEngine({ origin, location: sender.url, extensionId, tabId, isInternal })

// setup connection
const providerStream = createEngineStream({ engine })
@@ -1581,8 +1581,9 @@ export default class MetamaskController extends EventEmitter {
* @param {string} options.location - The full URL of the sender
* @param {extensionId} [options.extensionId] - The extension ID of the sender, if the sender is an external extension
* @param {tabId} [options.tabId] - The tab ID of the sender - if the sender is within a tab
* @param {boolean} [options.isInternal] - True if called for a connection to an internal process
**/
setupProviderEngine ({ origin, location, extensionId, tabId }) {
setupProviderEngine ({ origin, location, extensionId, tabId, isInternal = false }) {
// setup json rpc engine stack
const engine = new RpcEngine()
const provider = this.provider
@@ -1610,8 +1611,10 @@ export default class MetamaskController extends EventEmitter {
// filter and subscription polyfills
engine.push(filterMiddleware)
engine.push(subscriptionManager.middleware)
// permissions
engine.push(this.permissionsController.createMiddleware({ origin, extensionId }))
if (!isInternal) {
// permissions
engine.push(this.permissionsController.createMiddleware({ origin, extensionId }))
}
// watch asset
engine.push(this.preferencesController.requestWatchAsset.bind(this.preferencesController))
// forward to metamask primary provider
Original file line number Diff line number Diff line change
@@ -102,8 +102,10 @@ describe('permissions controller', function () {
assert.deepEqual(cAccounts, [], 'origin should have no accounts')
})

it('does not handle "MetaMask" origin as special case', async function () {
const metamaskAccounts = await permController.getAccounts('MetaMask')
it('does not handle "MetaMask" or "metamask" origins as special cases', async function () {
let metamaskAccounts = await permController.getAccounts('MetaMask')
assert.deepEqual(metamaskAccounts, [], 'origin should have no accounts')
metamaskAccounts = await permController.getAccounts('metamask')
assert.deepEqual(metamaskAccounts, [], 'origin should have no accounts')
})
})

0 comments on commit c2a6b9d

Please sign in to comment.