Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: implement client side malicious network request detection #25839

Merged
merged 36 commits into from
Aug 29, 2024
Merged
Changes from 1 commit
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
56d4283
wip: mvp to show blocking c2 domains
Jul 12, 2024
70467d7
wip: mvp to show blocking c2 domains
Jul 12, 2024
f2396ef
wip: all logic is not abstracted within the phishing controller withi…
Jul 15, 2024
7178989
feat: succesfully redirects users to the phishing page if the domain …
Jul 15, 2024
3beabd1
feat: added a reason to meta metrics for when we block a website
Jul 15, 2024
25680ea
wip
AugmentedMode Jul 29, 2024
24075b9
wip
AugmentedMode Aug 15, 2024
0f3f5ae
chore: merge main into feature branch
AugmentedMode Aug 28, 2024
4eeac70
chore: fix test that seems to be already broken for now
AugmentedMode Aug 28, 2024
c835b62
wip: send url instead of hostname to check phishing controller
AugmentedMode Aug 28, 2024
ac4534d
chore: remove local phishing controller and pull in phishing controll…
AugmentedMode Aug 28, 2024
4e78351
chore: fix merge conflicts
AugmentedMode Aug 28, 2024
777fbb0
chore: support new test function where we have to send the url instea…
AugmentedMode Aug 28, 2024
abd8869
Update LavaMoat policies
metamaskbot Aug 28, 2024
7e8894d
chore: Update privacy-snapshot.json with new API endpoint for client-…
AugmentedMode Aug 28, 2024
20d1b40
Merge branch 'feat/client-side-detection' of https://github.com/MetaM…
AugmentedMode Aug 28, 2024
c41895d
chore: fix failing tests
AugmentedMode Aug 28, 2024
7465082
chore: add tests to cover c2 domian detection
AugmentedMode Aug 28, 2024
10da980
chore: yarn dedupe
AugmentedMode Aug 28, 2024
f5ed2ab
Update LavaMoat policies
metamaskbot Aug 28, 2024
ddda6f7
chore: fix privacy snapshot url for client-side-detection.api.cx.meta…
AugmentedMode Aug 28, 2024
bab80a3
chore: remove all references to phishfort
AugmentedMode Aug 28, 2024
dc7f4b5
fix: mock timestamp query
AugmentedMode Aug 29, 2024
6fbc046
chore: bring back correct phishing controller version
AugmentedMode Aug 29, 2024
bb4b2f4
chore: update phishing controller version to 12.0.1
AugmentedMode Aug 29, 2024
a0a27ed
chore: add tests for ipfs blocking
AugmentedMode Aug 29, 2024
18f0ca2
Merge branch 'develop' into feat/client-side-detection
AugmentedMode Aug 29, 2024
3d4bcd9
chore: add tests for ipfs blocking
AugmentedMode Aug 29, 2024
08c9f3d
Merge branch 'feat/client-side-detection' of https://github.com/MetaM…
AugmentedMode Aug 29, 2024
b47587e
chore: fix ipfs tests
AugmentedMode Aug 29, 2024
0b5e4ee
chore: add more ipfs tests
AugmentedMode Aug 29, 2024
fc58e1f
chore: fix pr comments
AugmentedMode Aug 29, 2024
0f0794a
Merge branch 'develop' into feat/client-side-detection
AugmentedMode Aug 29, 2024
f5fde7b
chore: fix pr comments
AugmentedMode Aug 29, 2024
1ec468c
Merge branch 'feat/client-side-detection' of https://github.com/MetaM…
AugmentedMode Aug 29, 2024
cebf9f0
Merge branch 'develop' into feat/client-side-detection
AugmentedMode Aug 29, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
chore: fix test that seems to be already broken for now
AugmentedMode committed Aug 28, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
commit 4eeac701419d01e3f9d5d2e530938b4e6468ef4b
3 changes: 2 additions & 1 deletion app/scripts/lib/snap-keyring/utils/isBlockedUrl.test.ts
Original file line number Diff line number Diff line change
@@ -10,6 +10,7 @@ describe('isBlockedUrl', () => {
allowedEvents: [],
});
const phishingController = new PhishingController({
// @ts-expect-error TODO: Resolve/patch mismatch between messenger types
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: This is caused by the major version difference in the base-controller versions used in phishing-controller (v6) vs. extension (v5).

The only reason we're not seeing the same error in metamask-controller.js is because the file hasn't been converted to TypeScript.

messenger: phishingControllerMessenger,
state: {
phishingLists: [
@@ -21,7 +22,7 @@ describe('isBlockedUrl', () => {
version: 1,
lastUpdated: 0,
name: ListNames.MetaMask,
requestBlocklist: [],
c2DomainBlocklist: [],
},
],
},

Unchanged files with check annotations Beta

'### Severity',
];
// Titles of PR template
const prTemplateTitles = [
'## **Description**',
'## **Related issues**',
'## **Manual testing steps**',
'## **Screenshots/Recordings**',
'## **Pre-merge author checklist**',
'## **Pre-merge reviewer checklist**',

Check failure on line 47 in .github/scripts/shared/template.ts

GitHub Actions / check-template-and-add-labels

INVALID-PR-TEMPLATE

PR body does not match template ('pull-request-template.md'). Make sure PR's body includes all section titles. Sections titles are listed here: https://github.com/MetaMask/metamask-extension/blob/develop/.github/scripts/shared/template.ts#L40-L47

Check failure on line 47 in .github/scripts/shared/template.ts

GitHub Actions / check-template-and-add-labels

INVALID-PR-TEMPLATE

PR body does not match template ('pull-request-template.md'). Make sure PR's body includes all section titles. Sections titles are listed here: https://github.com/MetaMask/metamask-extension/blob/develop/.github/scripts/shared/template.ts#L40-L47
];
export const templates = new Map<TemplateType, Template>([