Merge pull request #203 from brave/fix-13296

Ensuring phishfort urls are always taken in to consideration for phishing detection
brave · Dec 27, 2020 · 5072cd6 · 5072cd6
2 parents 63653c9 + f457f9a
commit 5072cd6
Showing 1 changed file with 16 additions and 11 deletions.
diff --git a/app/scripts/controllers/phishing-controller.js b/app/scripts/controllers/phishing-controller.js
@@ -1,25 +1,30 @@
 import { PhishingController } from '@metamask/controllers'
 
+const PhishingDetector = require('eth-phishing-detect/src/detector')
+
 export default class BravePhishingController extends PhishingController {
   constructor (config, state) {
     super(config, state)
     this.configUrl = 'https://mainnet-infura-api.brave.com/blacklist'
     this.phishfortResourceUrl = 'https://mainnet-infura-api.brave.com/phishfort'
   }
 
-  async updatePhishingLists () {
-    if (this.disabled) {
-      return
-    }
-
-    // Whitelists and tolerances still need to be fetched from the original endpoint
-    await super.updatePhishingLists()
-
+  async fetchPhishfortDenyList () {
     const phishFortDenylist = await fetch(this.phishfortResourceUrl) // eslint-disable-line no-undef
-    const parsedList = await phishFortDenylist.json()
+    return await phishFortDenylist.json()
+  }
 
-    if (parsedList && this.detector) {
-      this.detector.blacklist = parsedList
+  async update (state, overwrite = false) {
+    if (state.phishing && state.phishing.blacklist) {
+      const denyList = await this.fetchPhishfortDenyList()
+      if (denyList) {
+        state.phishing.blacklist = [
+          ...state.phishing.blacklist,
+          ...denyList,
+        ]
+        this.detector = new PhishingDetector(state.phishing)
+      }
     }
+    super.update(state, overwrite)
   }
 }