From f457f9ab1f6eb1faef95ecf8c958d0444c9aac61 Mon Sep 17 00:00:00 2001 From: ryanml Date: Fri, 25 Dec 2020 02:05:06 -0700 Subject: [PATCH] Ensuring phishfort urls are taken in to consideration for phishing detection Fixes brave/brave-browser#13296 --- .../controllers/phishing-controller.js | 27 +++++++++++-------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/app/scripts/controllers/phishing-controller.js b/app/scripts/controllers/phishing-controller.js index 75a3d9dfeb..9f7dc620e8 100644 --- a/app/scripts/controllers/phishing-controller.js +++ b/app/scripts/controllers/phishing-controller.js @@ -1,5 +1,7 @@ import { PhishingController } from '@metamask/controllers' +const PhishingDetector = require('eth-phishing-detect/src/detector') + export default class BravePhishingController extends PhishingController { constructor (config, state) { super(config, state) @@ -7,19 +9,22 @@ export default class BravePhishingController extends PhishingController { this.phishfortResourceUrl = 'https://mainnet-infura-api.brave.com/phishfort' } - async updatePhishingLists () { - if (this.disabled) { - return - } - - // Whitelists and tolerances still need to be fetched from the original endpoint - await super.updatePhishingLists() - + async fetchPhishfortDenyList () { const phishFortDenylist = await fetch(this.phishfortResourceUrl) // eslint-disable-line no-undef - const parsedList = await phishFortDenylist.json() + return await phishFortDenylist.json() + } - if (parsedList && this.detector) { - this.detector.blacklist = parsedList + async update (state, overwrite = false) { + if (state.phishing && state.phishing.blacklist) { + const denyList = await this.fetchPhishfortDenyList() + if (denyList) { + state.phishing.blacklist = [ + ...state.phishing.blacklist, + ...denyList, + ] + this.detector = new PhishingDetector(state.phishing) + } } + super.update(state, overwrite) } }