@metamask-previews/phishing-controller 11.0.0-preview-02e7ff99 → 12.0.1-preview-473880a1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +38 -2
- package/dist/PhishingController.js +11 -2
- package/dist/PhishingController.mjs +10 -1
- package/dist/PhishingDetector.js +3 -2
- package/dist/PhishingDetector.mjs +2 -1
- package/dist/chunk-5NDIXQG5.js +16 -0
- package/dist/chunk-5NDIXQG5.js.map +1 -0
- package/dist/chunk-G2RL74NS.mjs +16 -0
- package/dist/chunk-G2RL74NS.mjs.map +1 -0
- package/dist/{chunk-Q42CM6EP.mjs → chunk-I3U4U3MW.mjs} +265 -46
- package/dist/chunk-I3U4U3MW.mjs.map +1 -0
- package/dist/{chunk-DPHXQJ4E.js → chunk-ZAOBCAQT.js} +266 -47
- package/dist/chunk-ZAOBCAQT.js.map +1 -0
- package/dist/index.js +11 -2
- package/dist/index.mjs +10 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/dist/types/PhishingController.d.ts +61 -21
- package/dist/types/PhishingController.d.ts.map +1 -1
- package/dist/types/PhishingDetector.d.ts +14 -37
- package/dist/types/PhishingDetector.d.ts.map +1 -1
- package/dist/types/types.d.ts +50 -0
- package/dist/types/types.d.ts.map +1 -0
- package/dist/types/utils.d.ts +29 -2
- package/dist/types/utils.d.ts.map +1 -1
- package/dist/types.js +8 -0
- package/dist/types.js.map +1 -0
- package/dist/types.mjs +8 -0
- package/dist/types.mjs.map +1 -0
- package/dist/utils.js +9 -2
- package/dist/utils.mjs +8 -1
- package/package.json +5 -3
- package/dist/chunk-DPHXQJ4E.js.map +0 -1
- package/dist/chunk-Q42CM6EP.mjs.map +0 -1
package/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,40 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [12.0.1]
|
|
11
|
+
|
|
12
|
+
### Added
|
|
13
|
+
|
|
14
|
+
- Add `getHostnameFromUrl` utility function to standardize hostname extraction from URLs ([#4645](https://github.com/MetaMask/core/pull/4645))
|
|
15
|
+
|
|
16
|
+
### Fixed
|
|
17
|
+
|
|
18
|
+
- Update `test`, `isBlockedRequest`, and `bypass` methods to use the hostname for allowlist checks instead of the full origin ([#4645](https://github.com/MetaMask/core/pull/4645))
|
|
19
|
+
- The previous approach of using the full origin had limitations in dealing with subdomains or variations in the URL structure, which could lead to inconsistent results or false negatives.
|
|
20
|
+
|
|
21
|
+
## [12.0.0]
|
|
22
|
+
|
|
23
|
+
### Added
|
|
24
|
+
|
|
25
|
+
- Add allowlist functionality to the C2 domain detection system ([#4464](https://github.com/MetaMask/core/pull/4644))
|
|
26
|
+
- Add `PhishingController` functionality for blocking client-side C2 requests by managing a hashed C2 request blocklist ([#4526](https://github.com/MetaMask/core/pull/4526))
|
|
27
|
+
- Add `requestBlocklist` type to `ListTypes`.
|
|
28
|
+
- Add `isBlockedRequest` method to `PhishingController`.
|
|
29
|
+
- Add `isMaliciousRequestDomain` method to `PhishingDetector`.
|
|
30
|
+
- Add handling of `requestBlocklist` in `PhishingDetector` configuration.
|
|
31
|
+
- Add logic to update and check `requestBlocklist` when updating a stale list.
|
|
32
|
+
- Add `sha256Hash` function to generate SHA-256 hash of a domain.
|
|
33
|
+
- Define and export new types: `PhishingControllerGetStateAction`, `PhishingControllerStateChangeEvent`, `PhishingControllerEvents` ([#4633](https://github.com/MetaMask/core/pull/4633))
|
|
34
|
+
|
|
35
|
+
### Changed
|
|
36
|
+
|
|
37
|
+
- **BREAKING:** Add `@noble/hashes` `^1.4.0` as dependency ([#4526](https://github.com/MetaMask/core/pull/4526))
|
|
38
|
+
- **BREAKING:**: Add `ethereum-cryptography` `^2.1.2` as dependency ([#4526](https://github.com/MetaMask/core/pull/4526))
|
|
39
|
+
- **BREAKING:** `PhishingControllerMessenger` must allow internal events defined in the `PhishingControllerEvents` type ([#4633](https://github.com/MetaMask/core/pull/4633))
|
|
40
|
+
- Widen `PhishingControllerActions` to include the `PhishingController:getState` action ([#4633](https://github.com/MetaMask/core/pull/4633))
|
|
41
|
+
- Bump `@metamask/base-controller` from `^6.0.2` to `^6.0.3` ([#4625](https://github.com/MetaMask/core/pull/4625))
|
|
42
|
+
- Bump `@metamask/controller-utils` from `^11.0.2` to `^11.1.0` ([#4639](https://github.com/MetaMask/core/pull/4639))
|
|
43
|
+
|
|
10
44
|
## [11.0.0]
|
|
11
45
|
|
|
12
46
|
### Changed
|
|
@@ -64,7 +98,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
64
98
|
- Changed Stalelist and hotlist update intervals ([#4202](https://github.com/MetaMask/core/pull/4202))
|
|
65
99
|
- Updated the Stalelist update interval to 30 days and the hotlist update interval to 5 mins
|
|
66
100
|
- Bump `@metamask/controller-utils` version to `~9.1.0` ([#4153](https://github.com/MetaMask/core/pull/4153))
|
|
67
|
-
- Bump TypeScript version to `~4.9.5` ([#4084](https://github.com/MetaMask/core
|
|
101
|
+
- Bump TypeScript version to `~4.9.5` ([#4084](https://github.com/MetaMask/core/pull/4084))
|
|
68
102
|
- Bump `@metamask/base-controller` to `^5.0.2`
|
|
69
103
|
|
|
70
104
|
## [9.0.1]
|
|
@@ -228,7 +262,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
228
262
|
|
|
229
263
|
All changes listed after this point were applied to this package following the monorepo conversion.
|
|
230
264
|
|
|
231
|
-
[Unreleased]: https://github.com/MetaMask/core/compare/@metamask/phishing-controller@
|
|
265
|
+
[Unreleased]: https://github.com/MetaMask/core/compare/@metamask/phishing-controller@12.0.1...HEAD
|
|
266
|
+
[12.0.1]: https://github.com/MetaMask/core/compare/@metamask/phishing-controller@12.0.0...@metamask/phishing-controller@12.0.1
|
|
267
|
+
[12.0.0]: https://github.com/MetaMask/core/compare/@metamask/phishing-controller@11.0.0...@metamask/phishing-controller@12.0.0
|
|
232
268
|
[11.0.0]: https://github.com/MetaMask/core/compare/@metamask/phishing-controller@10.1.1...@metamask/phishing-controller@11.0.0
|
|
233
269
|
[10.1.1]: https://github.com/MetaMask/core/compare/@metamask/phishing-controller@10.1.0...@metamask/phishing-controller@10.1.1
|
|
234
270
|
[10.1.0]: https://github.com/MetaMask/core/compare/@metamask/phishing-controller@10.0.0...@metamask/phishing-controller@10.1.0
|
|
@@ -11,7 +11,12 @@
|
|
|
11
11
|
|
|
12
12
|
|
|
13
13
|
|
|
14
|
-
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
var _chunkZAOBCAQTjs = require('./chunk-ZAOBCAQT.js');
|
|
19
|
+
require('./chunk-5NDIXQG5.js');
|
|
15
20
|
require('./chunk-Z4BLTVTB.js');
|
|
16
21
|
|
|
17
22
|
|
|
@@ -26,5 +31,9 @@ require('./chunk-Z4BLTVTB.js');
|
|
|
26
31
|
|
|
27
32
|
|
|
28
33
|
|
|
29
|
-
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
|
|
37
|
+
|
|
38
|
+
exports.C2_DOMAIN_BLOCKLIST_ENDPOINT = _chunkZAOBCAQTjs.C2_DOMAIN_BLOCKLIST_ENDPOINT; exports.C2_DOMAIN_BLOCKLIST_REFRESH_INTERVAL = _chunkZAOBCAQTjs.C2_DOMAIN_BLOCKLIST_REFRESH_INTERVAL; exports.C2_DOMAIN_BLOCKLIST_URL = _chunkZAOBCAQTjs.C2_DOMAIN_BLOCKLIST_URL; exports.CLIENT_SIDE_DETECION_BASE_URL = _chunkZAOBCAQTjs.CLIENT_SIDE_DETECION_BASE_URL; exports.HOTLIST_REFRESH_INTERVAL = _chunkZAOBCAQTjs.HOTLIST_REFRESH_INTERVAL; exports.ListKeys = _chunkZAOBCAQTjs.ListKeys; exports.ListNames = _chunkZAOBCAQTjs.ListNames; exports.METAMASK_HOTLIST_DIFF_FILE = _chunkZAOBCAQTjs.METAMASK_HOTLIST_DIFF_FILE; exports.METAMASK_HOTLIST_DIFF_URL = _chunkZAOBCAQTjs.METAMASK_HOTLIST_DIFF_URL; exports.METAMASK_STALELIST_FILE = _chunkZAOBCAQTjs.METAMASK_STALELIST_FILE; exports.METAMASK_STALELIST_URL = _chunkZAOBCAQTjs.METAMASK_STALELIST_URL; exports.PHISHING_CONFIG_BASE_URL = _chunkZAOBCAQTjs.PHISHING_CONFIG_BASE_URL; exports.PhishingController = _chunkZAOBCAQTjs.PhishingController; exports.STALELIST_REFRESH_INTERVAL = _chunkZAOBCAQTjs.STALELIST_REFRESH_INTERVAL; exports.default = _chunkZAOBCAQTjs.PhishingController_default; exports.phishingListKeyNameMap = _chunkZAOBCAQTjs.phishingListKeyNameMap;
|
|
30
39
|
//# sourceMappingURL=PhishingController.js.map
|
|
@@ -1,4 +1,8 @@
|
|
|
1
1
|
import {
|
|
2
|
+
C2_DOMAIN_BLOCKLIST_ENDPOINT,
|
|
3
|
+
C2_DOMAIN_BLOCKLIST_REFRESH_INTERVAL,
|
|
4
|
+
C2_DOMAIN_BLOCKLIST_URL,
|
|
5
|
+
CLIENT_SIDE_DETECION_BASE_URL,
|
|
2
6
|
HOTLIST_REFRESH_INTERVAL,
|
|
3
7
|
ListKeys,
|
|
4
8
|
ListNames,
|
|
@@ -11,9 +15,14 @@ import {
|
|
|
11
15
|
PhishingController_default,
|
|
12
16
|
STALELIST_REFRESH_INTERVAL,
|
|
13
17
|
phishingListKeyNameMap
|
|
14
|
-
} from "./chunk-
|
|
18
|
+
} from "./chunk-I3U4U3MW.mjs";
|
|
19
|
+
import "./chunk-G2RL74NS.mjs";
|
|
15
20
|
import "./chunk-XUI43LEZ.mjs";
|
|
16
21
|
export {
|
|
22
|
+
C2_DOMAIN_BLOCKLIST_ENDPOINT,
|
|
23
|
+
C2_DOMAIN_BLOCKLIST_REFRESH_INTERVAL,
|
|
24
|
+
C2_DOMAIN_BLOCKLIST_URL,
|
|
25
|
+
CLIENT_SIDE_DETECION_BASE_URL,
|
|
17
26
|
HOTLIST_REFRESH_INTERVAL,
|
|
18
27
|
ListKeys,
|
|
19
28
|
ListNames,
|
package/dist/PhishingDetector.js
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
"use strict";Object.defineProperty(exports, "__esModule", {value: true});
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var _chunkZAOBCAQTjs = require('./chunk-ZAOBCAQT.js');
|
|
4
|
+
require('./chunk-5NDIXQG5.js');
|
|
4
5
|
require('./chunk-Z4BLTVTB.js');
|
|
5
6
|
|
|
6
7
|
|
|
7
|
-
exports.PhishingDetector =
|
|
8
|
+
exports.PhishingDetector = _chunkZAOBCAQTjs.PhishingDetector;
|
|
8
9
|
//# sourceMappingURL=PhishingDetector.js.map
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
"use strict";Object.defineProperty(exports, "__esModule", {value: true});// src/types.ts
|
|
2
|
+
var PhishingDetectorResultType = /* @__PURE__ */ ((PhishingDetectorResultType2) => {
|
|
3
|
+
PhishingDetectorResultType2["All"] = "all";
|
|
4
|
+
PhishingDetectorResultType2["Fuzzy"] = "fuzzy";
|
|
5
|
+
PhishingDetectorResultType2["Blocklist"] = "blocklist";
|
|
6
|
+
PhishingDetectorResultType2["Allowlist"] = "allowlist";
|
|
7
|
+
PhishingDetectorResultType2["Blacklist"] = "blacklist";
|
|
8
|
+
PhishingDetectorResultType2["Whitelist"] = "whitelist";
|
|
9
|
+
PhishingDetectorResultType2["C2DomainBlocklist"] = "c2DomainBlocklist";
|
|
10
|
+
return PhishingDetectorResultType2;
|
|
11
|
+
})(PhishingDetectorResultType || {});
|
|
12
|
+
|
|
13
|
+
|
|
14
|
+
|
|
15
|
+
exports.PhishingDetectorResultType = PhishingDetectorResultType;
|
|
16
|
+
//# sourceMappingURL=chunk-5NDIXQG5.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/types.ts"],"names":["PhishingDetectorResultType"],"mappings":";AAyCO,IAAK,6BAAL,kBAAKA,gCAAL;AAIL,EAAAA,4BAAA,SAAM;AAIN,EAAAA,4BAAA,WAAQ;AAIR,EAAAA,4BAAA,eAAY;AAIZ,EAAAA,4BAAA,eAAY;AAKZ,EAAAA,4BAAA,eAAY;AAKZ,EAAAA,4BAAA,eAAY;AAIZ,EAAAA,4BAAA,uBAAoB;AA9BV,SAAAA;AAAA,GAAA","sourcesContent":["/**\n * Represents the result of checking a domain.\n */\nexport type PhishingDetectorResult = {\n /**\n * The name of the configuration object in which the domain was found within\n * an allowlist, blocklist, or fuzzylist.\n */\n name?: string;\n /**\n * The version associated with the configuration object in which the domain\n * was found within an allowlist, blocklist, or fuzzylist.\n */\n version?: string;\n /**\n * Whether the domain is regarded as allowed (true) or not (false).\n */\n result: boolean;\n /**\n * A normalized version of the domain, which is only constructed if the domain\n * is found within a list.\n */\n match?: string;\n /**\n * Which type of list in which the domain was found.\n *\n * - \"allowlist\" means that the domain was found in the allowlist.\n * - \"blocklist\" means that the domain was found in the blocklist.\n * - \"fuzzy\" means that the domain was found in the fuzzylist.\n * - \"blacklist\" means that the domain was found in a blacklist of a legacy\n * configuration object.\n * - \"whitelist\" means that the domain was found in a whitelist of a legacy\n * configuration object.\n * - \"all\" means that the domain was not found in any list.\n */\n type: PhishingDetectorResultType;\n};\n\n/**\n * The type of list in which the domain was found.\n */\nexport enum PhishingDetectorResultType {\n /*\n * \"all\" means that the domain was not found in any list.\n */\n All = 'all',\n /*\n * \"fuzzy\" means that the domain was found in the fuzzylist.\n */\n Fuzzy = 'fuzzy',\n /*\n * \"blocklist\" means that the domain was found in the blocklist.\n */\n Blocklist = 'blocklist',\n /*\n * \"allowlist\" means that the domain was found in the allowlist.\n */\n Allowlist = 'allowlist',\n /*\n * \"blacklist\" means that the domain was found in a blacklist of a legacy\n * configuration object.\n */\n Blacklist = 'blacklist',\n /*\n * \"whitelist\" means that the domain was found in a whitelist of a legacy\n * configuration object.\n */\n Whitelist = 'whitelist',\n /*\n * \"c2DomainBlocklist\" means that the domain was found in the C2 domain blocklist.\n */\n C2DomainBlocklist = 'c2DomainBlocklist',\n}\n"]}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
// src/types.ts
|
|
2
|
+
var PhishingDetectorResultType = /* @__PURE__ */ ((PhishingDetectorResultType2) => {
|
|
3
|
+
PhishingDetectorResultType2["All"] = "all";
|
|
4
|
+
PhishingDetectorResultType2["Fuzzy"] = "fuzzy";
|
|
5
|
+
PhishingDetectorResultType2["Blocklist"] = "blocklist";
|
|
6
|
+
PhishingDetectorResultType2["Allowlist"] = "allowlist";
|
|
7
|
+
PhishingDetectorResultType2["Blacklist"] = "blacklist";
|
|
8
|
+
PhishingDetectorResultType2["Whitelist"] = "whitelist";
|
|
9
|
+
PhishingDetectorResultType2["C2DomainBlocklist"] = "c2DomainBlocklist";
|
|
10
|
+
return PhishingDetectorResultType2;
|
|
11
|
+
})(PhishingDetectorResultType || {});
|
|
12
|
+
|
|
13
|
+
export {
|
|
14
|
+
PhishingDetectorResultType
|
|
15
|
+
};
|
|
16
|
+
//# sourceMappingURL=chunk-G2RL74NS.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/types.ts"],"sourcesContent":["/**\n * Represents the result of checking a domain.\n */\nexport type PhishingDetectorResult = {\n /**\n * The name of the configuration object in which the domain was found within\n * an allowlist, blocklist, or fuzzylist.\n */\n name?: string;\n /**\n * The version associated with the configuration object in which the domain\n * was found within an allowlist, blocklist, or fuzzylist.\n */\n version?: string;\n /**\n * Whether the domain is regarded as allowed (true) or not (false).\n */\n result: boolean;\n /**\n * A normalized version of the domain, which is only constructed if the domain\n * is found within a list.\n */\n match?: string;\n /**\n * Which type of list in which the domain was found.\n *\n * - \"allowlist\" means that the domain was found in the allowlist.\n * - \"blocklist\" means that the domain was found in the blocklist.\n * - \"fuzzy\" means that the domain was found in the fuzzylist.\n * - \"blacklist\" means that the domain was found in a blacklist of a legacy\n * configuration object.\n * - \"whitelist\" means that the domain was found in a whitelist of a legacy\n * configuration object.\n * - \"all\" means that the domain was not found in any list.\n */\n type: PhishingDetectorResultType;\n};\n\n/**\n * The type of list in which the domain was found.\n */\nexport enum PhishingDetectorResultType {\n /*\n * \"all\" means that the domain was not found in any list.\n */\n All = 'all',\n /*\n * \"fuzzy\" means that the domain was found in the fuzzylist.\n */\n Fuzzy = 'fuzzy',\n /*\n * \"blocklist\" means that the domain was found in the blocklist.\n */\n Blocklist = 'blocklist',\n /*\n * \"allowlist\" means that the domain was found in the allowlist.\n */\n Allowlist = 'allowlist',\n /*\n * \"blacklist\" means that the domain was found in a blacklist of a legacy\n * configuration object.\n */\n Blacklist = 'blacklist',\n /*\n * \"whitelist\" means that the domain was found in a whitelist of a legacy\n * configuration object.\n */\n Whitelist = 'whitelist',\n /*\n * \"c2DomainBlocklist\" means that the domain was found in the C2 domain blocklist.\n */\n C2DomainBlocklist = 'c2DomainBlocklist',\n}\n"],"mappings":";AAyCO,IAAK,6BAAL,kBAAKA,gCAAL;AAIL,EAAAA,4BAAA,SAAM;AAIN,EAAAA,4BAAA,WAAQ;AAIR,EAAAA,4BAAA,eAAY;AAIZ,EAAAA,4BAAA,eAAY;AAKZ,EAAAA,4BAAA,eAAY;AAKZ,EAAAA,4BAAA,eAAY;AAIZ,EAAAA,4BAAA,uBAAoB;AA9BV,SAAAA;AAAA,GAAA;","names":["PhishingDetectorResultType"]}
|