@metamask-previews/phishing-controller 12.0.2-preview-367cb1da → 12.0.2-preview-cf09c0a

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (81) hide show
  1. package/dist/PhishingController.cjs +453 -0
  2. package/dist/PhishingController.cjs.map +1 -0
  3. package/dist/{types/PhishingController.d.ts → PhishingController.d.cts} +4 -4
  4. package/dist/PhishingController.d.cts.map +1 -0
  5. package/dist/PhishingController.d.mts +304 -0
  6. package/dist/PhishingController.d.mts.map +1 -0
  7. package/dist/PhishingController.mjs +448 -37
  8. package/dist/PhishingController.mjs.map +1 -1
  9. package/dist/PhishingDetector.cjs +233 -0
  10. package/dist/PhishingDetector.cjs.map +1 -0
  11. package/dist/{types/PhishingDetector.d.ts → PhishingDetector.d.cts} +2 -2
  12. package/dist/PhishingDetector.d.cts.map +1 -0
  13. package/dist/PhishingDetector.d.mts +64 -0
  14. package/dist/PhishingDetector.d.mts.map +1 -0
  15. package/dist/PhishingDetector.mjs +227 -7
  16. package/dist/PhishingDetector.mjs.map +1 -1
  17. package/dist/index.cjs +23 -0
  18. package/dist/index.cjs.map +1 -0
  19. package/dist/index.d.cts +5 -0
  20. package/dist/index.d.cts.map +1 -0
  21. package/dist/index.d.mts +5 -0
  22. package/dist/index.d.mts.map +1 -0
  23. package/dist/index.mjs +3 -41
  24. package/dist/index.mjs.map +1 -1
  25. package/dist/tests/utils.cjs +24 -0
  26. package/dist/tests/utils.cjs.map +1 -0
  27. package/dist/{types/tests/utils.d.ts → tests/utils.d.cts} +1 -1
  28. package/dist/tests/utils.d.cts.map +1 -0
  29. package/dist/tests/utils.d.mts +11 -0
  30. package/dist/tests/utils.d.mts.map +1 -0
  31. package/dist/tests/utils.mjs +18 -14
  32. package/dist/tests/utils.mjs.map +1 -1
  33. package/dist/types.cjs +40 -0
  34. package/dist/types.cjs.map +1 -0
  35. package/dist/{types/types.d.ts → types.d.cts} +1 -1
  36. package/dist/types.d.cts.map +1 -0
  37. package/dist/types.d.mts +50 -0
  38. package/dist/types.d.mts.map +1 -0
  39. package/dist/types.mjs +36 -7
  40. package/dist/types.mjs.map +1 -1
  41. package/dist/utils.cjs +242 -0
  42. package/dist/utils.cjs.map +1 -0
  43. package/dist/{types/utils.d.ts → utils.d.cts} +4 -4
  44. package/dist/utils.d.cts.map +1 -0
  45. package/dist/utils.d.mts +119 -0
  46. package/dist/utils.d.mts.map +1 -0
  47. package/dist/utils.mjs +224 -31
  48. package/dist/utils.mjs.map +1 -1
  49. package/package.json +12 -7
  50. package/dist/PhishingController.js +0 -39
  51. package/dist/PhishingController.js.map +0 -1
  52. package/dist/PhishingDetector.js +0 -9
  53. package/dist/PhishingDetector.js.map +0 -1
  54. package/dist/chunk-5NDIXQG5.js +0 -16
  55. package/dist/chunk-5NDIXQG5.js.map +0 -1
  56. package/dist/chunk-G2RL74NS.mjs +0 -16
  57. package/dist/chunk-G2RL74NS.mjs.map +0 -1
  58. package/dist/chunk-I3U4U3MW.mjs +0 -812
  59. package/dist/chunk-I3U4U3MW.mjs.map +0 -1
  60. package/dist/chunk-XUI43LEZ.mjs +0 -30
  61. package/dist/chunk-XUI43LEZ.mjs.map +0 -1
  62. package/dist/chunk-Z4BLTVTB.js +0 -30
  63. package/dist/chunk-Z4BLTVTB.js.map +0 -1
  64. package/dist/chunk-ZAOBCAQT.js +0 -812
  65. package/dist/chunk-ZAOBCAQT.js.map +0 -1
  66. package/dist/index.js +0 -42
  67. package/dist/index.js.map +0 -1
  68. package/dist/tests/utils.js +0 -16
  69. package/dist/tests/utils.js.map +0 -1
  70. package/dist/tsconfig.build.tsbuildinfo +0 -1
  71. package/dist/types/PhishingController.d.ts.map +0 -1
  72. package/dist/types/PhishingDetector.d.ts.map +0 -1
  73. package/dist/types/index.d.ts +0 -5
  74. package/dist/types/index.d.ts.map +0 -1
  75. package/dist/types/tests/utils.d.ts.map +0 -1
  76. package/dist/types/types.d.ts.map +0 -1
  77. package/dist/types/utils.d.ts.map +0 -1
  78. package/dist/types.js +0 -8
  79. package/dist/types.js.map +0 -1
  80. package/dist/utils.js +0 -33
  81. package/dist/utils.js.map +0 -1
@@ -0,0 +1,5 @@
1
+ export * from "./PhishingController.cjs";
2
+ export type { LegacyPhishingDetectorList, PhishingDetectorList, FuzzyTolerance, PhishingDetectorOptions, PhishingDetectorConfiguration, } from "./PhishingDetector.cjs";
3
+ export { PhishingDetector } from "./PhishingDetector.cjs";
4
+ export { PhishingDetectorResultType } from "./types.cjs";
5
+ //# sourceMappingURL=index.d.cts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.cts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,yCAAqC;AACrC,YAAY,EACV,0BAA0B,EAC1B,oBAAoB,EACpB,cAAc,EACd,uBAAuB,EACvB,6BAA6B,GAC9B,+BAA2B;AAC5B,OAAO,EAAE,gBAAgB,EAAE,+BAA2B;AACtD,OAAO,EAAE,0BAA0B,EAAE,oBAAgB"}
@@ -0,0 +1,5 @@
1
+ export * from "./PhishingController.mjs";
2
+ export type { LegacyPhishingDetectorList, PhishingDetectorList, FuzzyTolerance, PhishingDetectorOptions, PhishingDetectorConfiguration, } from "./PhishingDetector.mjs";
3
+ export { PhishingDetector } from "./PhishingDetector.mjs";
4
+ export { PhishingDetectorResultType } from "./types.mjs";
5
+ //# sourceMappingURL=index.d.mts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.mts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,yCAAqC;AACrC,YAAY,EACV,0BAA0B,EAC1B,oBAAoB,EACpB,cAAc,EACd,uBAAuB,EACvB,6BAA6B,GAC9B,+BAA2B;AAC5B,OAAO,EAAE,gBAAgB,EAAE,+BAA2B;AACtD,OAAO,EAAE,0BAA0B,EAAE,oBAAgB"}
package/dist/index.mjs CHANGED
@@ -1,42 +1,4 @@
1
- import {
2
- C2_DOMAIN_BLOCKLIST_ENDPOINT,
3
- C2_DOMAIN_BLOCKLIST_REFRESH_INTERVAL,
4
- C2_DOMAIN_BLOCKLIST_URL,
5
- CLIENT_SIDE_DETECION_BASE_URL,
6
- HOTLIST_REFRESH_INTERVAL,
7
- ListKeys,
8
- ListNames,
9
- METAMASK_HOTLIST_DIFF_FILE,
10
- METAMASK_HOTLIST_DIFF_URL,
11
- METAMASK_STALELIST_FILE,
12
- METAMASK_STALELIST_URL,
13
- PHISHING_CONFIG_BASE_URL,
14
- PhishingController,
15
- PhishingDetector,
16
- STALELIST_REFRESH_INTERVAL,
17
- phishingListKeyNameMap
18
- } from "./chunk-I3U4U3MW.mjs";
19
- import {
20
- PhishingDetectorResultType
21
- } from "./chunk-G2RL74NS.mjs";
22
- import "./chunk-XUI43LEZ.mjs";
23
- export {
24
- C2_DOMAIN_BLOCKLIST_ENDPOINT,
25
- C2_DOMAIN_BLOCKLIST_REFRESH_INTERVAL,
26
- C2_DOMAIN_BLOCKLIST_URL,
27
- CLIENT_SIDE_DETECION_BASE_URL,
28
- HOTLIST_REFRESH_INTERVAL,
29
- ListKeys,
30
- ListNames,
31
- METAMASK_HOTLIST_DIFF_FILE,
32
- METAMASK_HOTLIST_DIFF_URL,
33
- METAMASK_STALELIST_FILE,
34
- METAMASK_STALELIST_URL,
35
- PHISHING_CONFIG_BASE_URL,
36
- PhishingController,
37
- PhishingDetector,
38
- PhishingDetectorResultType,
39
- STALELIST_REFRESH_INTERVAL,
40
- phishingListKeyNameMap
41
- };
1
+ export * from "./PhishingController.mjs";
2
+ export { PhishingDetector } from "./PhishingDetector.mjs";
3
+ export { PhishingDetectorResultType } from "./types.mjs";
42
4
  //# sourceMappingURL=index.mjs.map
@@ -1 +1 @@
1
- {"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
1
+ {"version":3,"file":"index.mjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,yCAAqC;AAQrC,OAAO,EAAE,gBAAgB,EAAE,+BAA2B;AACtD,OAAO,EAAE,0BAA0B,EAAE,oBAAgB","sourcesContent":["export * from './PhishingController';\nexport type {\n LegacyPhishingDetectorList,\n PhishingDetectorList,\n FuzzyTolerance,\n PhishingDetectorOptions,\n PhishingDetectorConfiguration,\n} from './PhishingDetector';\nexport { PhishingDetector } from './PhishingDetector';\nexport { PhishingDetectorResultType } from './types';\n"]}
@@ -0,0 +1,24 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.formatHostnameToUrl = void 0;
4
+ /**
5
+ * Formats a hostname into a URL so we can parse it correctly
6
+ * and pass full URLs into the PhishingDetector class. Previously
7
+ * only hostnames were supported, but now only full URLs are
8
+ * supported since we want to block IPFS CIDs.
9
+ *
10
+ * @param hostname - the hostname of the URL.
11
+ * @returns the href property of a URL object.
12
+ */
13
+ const formatHostnameToUrl = (hostname) => {
14
+ let url = '';
15
+ try {
16
+ url = new URL(hostname).href;
17
+ }
18
+ catch (e) {
19
+ url = new URL(['https://', hostname].join('')).href;
20
+ }
21
+ return url;
22
+ };
23
+ exports.formatHostnameToUrl = formatHostnameToUrl;
24
+ //# sourceMappingURL=utils.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"utils.cjs","sourceRoot":"","sources":["../../src/tests/utils.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;GAQG;AACI,MAAM,mBAAmB,GAAG,CAAC,QAAgB,EAAU,EAAE;IAC9D,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,IAAI;QACF,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC;KAC9B;IAAC,OAAO,CAAC,EAAE;QACV,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;KACrD;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AARW,QAAA,mBAAmB,uBAQ9B","sourcesContent":["/**\n * Formats a hostname into a URL so we can parse it correctly\n * and pass full URLs into the PhishingDetector class. Previously\n * only hostnames were supported, but now only full URLs are\n * supported since we want to block IPFS CIDs.\n *\n * @param hostname - the hostname of the URL.\n * @returns the href property of a URL object.\n */\nexport const formatHostnameToUrl = (hostname: string): string => {\n let url = '';\n try {\n url = new URL(hostname).href;\n } catch (e) {\n url = new URL(['https://', hostname].join('')).href;\n }\n return url;\n};\n"]}
@@ -8,4 +8,4 @@
8
8
  * @returns the href property of a URL object.
9
9
  */
10
10
  export declare const formatHostnameToUrl: (hostname: string) => string;
11
- //# sourceMappingURL=utils.d.ts.map
11
+ //# sourceMappingURL=utils.d.cts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"utils.d.cts","sourceRoot":"","sources":["../../src/tests/utils.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,aAAc,MAAM,KAAG,MAQtD,CAAC"}
@@ -0,0 +1,11 @@
1
+ /**
2
+ * Formats a hostname into a URL so we can parse it correctly
3
+ * and pass full URLs into the PhishingDetector class. Previously
4
+ * only hostnames were supported, but now only full URLs are
5
+ * supported since we want to block IPFS CIDs.
6
+ *
7
+ * @param hostname - the hostname of the URL.
8
+ * @returns the href property of a URL object.
9
+ */
10
+ export declare const formatHostnameToUrl: (hostname: string) => string;
11
+ //# sourceMappingURL=utils.d.mts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"utils.d.mts","sourceRoot":"","sources":["../../src/tests/utils.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,aAAc,MAAM,KAAG,MAQtD,CAAC"}
@@ -1,16 +1,20 @@
1
- import "../chunk-XUI43LEZ.mjs";
2
-
3
- // src/tests/utils.ts
4
- var formatHostnameToUrl = (hostname) => {
5
- let url = "";
6
- try {
7
- url = new URL(hostname).href;
8
- } catch (e) {
9
- url = new URL(["https://", hostname].join("")).href;
10
- }
11
- return url;
12
- };
13
- export {
14
- formatHostnameToUrl
1
+ /**
2
+ * Formats a hostname into a URL so we can parse it correctly
3
+ * and pass full URLs into the PhishingDetector class. Previously
4
+ * only hostnames were supported, but now only full URLs are
5
+ * supported since we want to block IPFS CIDs.
6
+ *
7
+ * @param hostname - the hostname of the URL.
8
+ * @returns the href property of a URL object.
9
+ */
10
+ export const formatHostnameToUrl = (hostname) => {
11
+ let url = '';
12
+ try {
13
+ url = new URL(hostname).href;
14
+ }
15
+ catch (e) {
16
+ url = new URL(['https://', hostname].join('')).href;
17
+ }
18
+ return url;
15
19
  };
16
20
  //# sourceMappingURL=utils.mjs.map
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/tests/utils.ts"],"sourcesContent":["/**\n * Formats a hostname into a URL so we can parse it correctly\n * and pass full URLs into the PhishingDetector class. Previously\n * only hostnames were supported, but now only full URLs are\n * supported since we want to block IPFS CIDs.\n *\n * @param hostname - the hostname of the URL.\n * @returns the href property of a URL object.\n */\nexport const formatHostnameToUrl = (hostname: string): string => {\n let url = '';\n try {\n url = new URL(hostname).href;\n } catch (e) {\n url = new URL(['https://', hostname].join('')).href;\n }\n return url;\n};\n"],"mappings":";;;AASO,IAAM,sBAAsB,CAAC,aAA6B;AAC/D,MAAI,MAAM;AACV,MAAI;AACF,UAAM,IAAI,IAAI,QAAQ,EAAE;AAAA,EAC1B,SAAS,GAAG;AACV,UAAM,IAAI,IAAI,CAAC,YAAY,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE;AAAA,EACjD;AACA,SAAO;AACT;","names":[]}
1
+ {"version":3,"file":"utils.mjs","sourceRoot":"","sources":["../../src/tests/utils.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,QAAgB,EAAU,EAAE;IAC9D,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,IAAI;QACF,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC;KAC9B;IAAC,OAAO,CAAC,EAAE;QACV,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;KACrD;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC","sourcesContent":["/**\n * Formats a hostname into a URL so we can parse it correctly\n * and pass full URLs into the PhishingDetector class. Previously\n * only hostnames were supported, but now only full URLs are\n * supported since we want to block IPFS CIDs.\n *\n * @param hostname - the hostname of the URL.\n * @returns the href property of a URL object.\n */\nexport const formatHostnameToUrl = (hostname: string): string => {\n let url = '';\n try {\n url = new URL(hostname).href;\n } catch (e) {\n url = new URL(['https://', hostname].join('')).href;\n }\n return url;\n};\n"]}
package/dist/types.cjs ADDED
@@ -0,0 +1,40 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.PhishingDetectorResultType = void 0;
4
+ /**
5
+ * The type of list in which the domain was found.
6
+ */
7
+ var PhishingDetectorResultType;
8
+ (function (PhishingDetectorResultType) {
9
+ /*
10
+ * "all" means that the domain was not found in any list.
11
+ */
12
+ PhishingDetectorResultType["All"] = "all";
13
+ /*
14
+ * "fuzzy" means that the domain was found in the fuzzylist.
15
+ */
16
+ PhishingDetectorResultType["Fuzzy"] = "fuzzy";
17
+ /*
18
+ * "blocklist" means that the domain was found in the blocklist.
19
+ */
20
+ PhishingDetectorResultType["Blocklist"] = "blocklist";
21
+ /*
22
+ * "allowlist" means that the domain was found in the allowlist.
23
+ */
24
+ PhishingDetectorResultType["Allowlist"] = "allowlist";
25
+ /*
26
+ * "blacklist" means that the domain was found in a blacklist of a legacy
27
+ * configuration object.
28
+ */
29
+ PhishingDetectorResultType["Blacklist"] = "blacklist";
30
+ /*
31
+ * "whitelist" means that the domain was found in a whitelist of a legacy
32
+ * configuration object.
33
+ */
34
+ PhishingDetectorResultType["Whitelist"] = "whitelist";
35
+ /*
36
+ * "c2DomainBlocklist" means that the domain was found in the C2 domain blocklist.
37
+ */
38
+ PhishingDetectorResultType["C2DomainBlocklist"] = "c2DomainBlocklist";
39
+ })(PhishingDetectorResultType || (exports.PhishingDetectorResultType = PhishingDetectorResultType = {}));
40
+ //# sourceMappingURL=types.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.cjs","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";;;AAsCA;;GAEG;AACH,IAAY,0BA+BX;AA/BD,WAAY,0BAA0B;IACpC;;OAEG;IACH,yCAAW,CAAA;IACX;;OAEG;IACH,6CAAe,CAAA;IACf;;OAEG;IACH,qDAAuB,CAAA;IACvB;;OAEG;IACH,qDAAuB,CAAA;IACvB;;;OAGG;IACH,qDAAuB,CAAA;IACvB;;;OAGG;IACH,qDAAuB,CAAA;IACvB;;OAEG;IACH,qEAAuC,CAAA;AACzC,CAAC,EA/BW,0BAA0B,0CAA1B,0BAA0B,QA+BrC","sourcesContent":["/**\n * Represents the result of checking a domain.\n */\nexport type PhishingDetectorResult = {\n /**\n * The name of the configuration object in which the domain was found within\n * an allowlist, blocklist, or fuzzylist.\n */\n name?: string;\n /**\n * The version associated with the configuration object in which the domain\n * was found within an allowlist, blocklist, or fuzzylist.\n */\n version?: string;\n /**\n * Whether the domain is regarded as allowed (true) or not (false).\n */\n result: boolean;\n /**\n * A normalized version of the domain, which is only constructed if the domain\n * is found within a list.\n */\n match?: string;\n /**\n * Which type of list in which the domain was found.\n *\n * - \"allowlist\" means that the domain was found in the allowlist.\n * - \"blocklist\" means that the domain was found in the blocklist.\n * - \"fuzzy\" means that the domain was found in the fuzzylist.\n * - \"blacklist\" means that the domain was found in a blacklist of a legacy\n * configuration object.\n * - \"whitelist\" means that the domain was found in a whitelist of a legacy\n * configuration object.\n * - \"all\" means that the domain was not found in any list.\n */\n type: PhishingDetectorResultType;\n};\n\n/**\n * The type of list in which the domain was found.\n */\nexport enum PhishingDetectorResultType {\n /*\n * \"all\" means that the domain was not found in any list.\n */\n All = 'all',\n /*\n * \"fuzzy\" means that the domain was found in the fuzzylist.\n */\n Fuzzy = 'fuzzy',\n /*\n * \"blocklist\" means that the domain was found in the blocklist.\n */\n Blocklist = 'blocklist',\n /*\n * \"allowlist\" means that the domain was found in the allowlist.\n */\n Allowlist = 'allowlist',\n /*\n * \"blacklist\" means that the domain was found in a blacklist of a legacy\n * configuration object.\n */\n Blacklist = 'blacklist',\n /*\n * \"whitelist\" means that the domain was found in a whitelist of a legacy\n * configuration object.\n */\n Whitelist = 'whitelist',\n /*\n * \"c2DomainBlocklist\" means that the domain was found in the C2 domain blocklist.\n */\n C2DomainBlocklist = 'c2DomainBlocklist',\n}\n"]}
@@ -47,4 +47,4 @@ export declare enum PhishingDetectorResultType {
47
47
  Whitelist = "whitelist",
48
48
  C2DomainBlocklist = "c2DomainBlocklist"
49
49
  }
50
- //# sourceMappingURL=types.d.ts.map
50
+ //# sourceMappingURL=types.d.cts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.cts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAAG;IACnC;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,MAAM,EAAE,OAAO,CAAC;IAChB;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;;;;;;;;;;OAWG;IACH,IAAI,EAAE,0BAA0B,CAAC;CAClC,CAAC;AAEF;;GAEG;AACH,oBAAY,0BAA0B;IAIpC,GAAG,QAAQ;IAIX,KAAK,UAAU;IAIf,SAAS,cAAc;IAIvB,SAAS,cAAc;IAKvB,SAAS,cAAc;IAKvB,SAAS,cAAc;IAIvB,iBAAiB,sBAAsB;CACxC"}
@@ -0,0 +1,50 @@
1
+ /**
2
+ * Represents the result of checking a domain.
3
+ */
4
+ export type PhishingDetectorResult = {
5
+ /**
6
+ * The name of the configuration object in which the domain was found within
7
+ * an allowlist, blocklist, or fuzzylist.
8
+ */
9
+ name?: string;
10
+ /**
11
+ * The version associated with the configuration object in which the domain
12
+ * was found within an allowlist, blocklist, or fuzzylist.
13
+ */
14
+ version?: string;
15
+ /**
16
+ * Whether the domain is regarded as allowed (true) or not (false).
17
+ */
18
+ result: boolean;
19
+ /**
20
+ * A normalized version of the domain, which is only constructed if the domain
21
+ * is found within a list.
22
+ */
23
+ match?: string;
24
+ /**
25
+ * Which type of list in which the domain was found.
26
+ *
27
+ * - "allowlist" means that the domain was found in the allowlist.
28
+ * - "blocklist" means that the domain was found in the blocklist.
29
+ * - "fuzzy" means that the domain was found in the fuzzylist.
30
+ * - "blacklist" means that the domain was found in a blacklist of a legacy
31
+ * configuration object.
32
+ * - "whitelist" means that the domain was found in a whitelist of a legacy
33
+ * configuration object.
34
+ * - "all" means that the domain was not found in any list.
35
+ */
36
+ type: PhishingDetectorResultType;
37
+ };
38
+ /**
39
+ * The type of list in which the domain was found.
40
+ */
41
+ export declare enum PhishingDetectorResultType {
42
+ All = "all",
43
+ Fuzzy = "fuzzy",
44
+ Blocklist = "blocklist",
45
+ Allowlist = "allowlist",
46
+ Blacklist = "blacklist",
47
+ Whitelist = "whitelist",
48
+ C2DomainBlocklist = "c2DomainBlocklist"
49
+ }
50
+ //# sourceMappingURL=types.d.mts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"types.d.mts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAAG;IACnC;;;OAGG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,MAAM,EAAE,OAAO,CAAC;IAChB;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;;;;;;;;;;OAWG;IACH,IAAI,EAAE,0BAA0B,CAAC;CAClC,CAAC;AAEF;;GAEG;AACH,oBAAY,0BAA0B;IAIpC,GAAG,QAAQ;IAIX,KAAK,UAAU;IAIf,SAAS,cAAc;IAIvB,SAAS,cAAc;IAKvB,SAAS,cAAc;IAKvB,SAAS,cAAc;IAIvB,iBAAiB,sBAAsB;CACxC"}
package/dist/types.mjs CHANGED
@@ -1,8 +1,37 @@
1
- import {
2
- PhishingDetectorResultType
3
- } from "./chunk-G2RL74NS.mjs";
4
- import "./chunk-XUI43LEZ.mjs";
5
- export {
6
- PhishingDetectorResultType
7
- };
1
+ /**
2
+ * The type of list in which the domain was found.
3
+ */
4
+ export var PhishingDetectorResultType;
5
+ (function (PhishingDetectorResultType) {
6
+ /*
7
+ * "all" means that the domain was not found in any list.
8
+ */
9
+ PhishingDetectorResultType["All"] = "all";
10
+ /*
11
+ * "fuzzy" means that the domain was found in the fuzzylist.
12
+ */
13
+ PhishingDetectorResultType["Fuzzy"] = "fuzzy";
14
+ /*
15
+ * "blocklist" means that the domain was found in the blocklist.
16
+ */
17
+ PhishingDetectorResultType["Blocklist"] = "blocklist";
18
+ /*
19
+ * "allowlist" means that the domain was found in the allowlist.
20
+ */
21
+ PhishingDetectorResultType["Allowlist"] = "allowlist";
22
+ /*
23
+ * "blacklist" means that the domain was found in a blacklist of a legacy
24
+ * configuration object.
25
+ */
26
+ PhishingDetectorResultType["Blacklist"] = "blacklist";
27
+ /*
28
+ * "whitelist" means that the domain was found in a whitelist of a legacy
29
+ * configuration object.
30
+ */
31
+ PhishingDetectorResultType["Whitelist"] = "whitelist";
32
+ /*
33
+ * "c2DomainBlocklist" means that the domain was found in the C2 domain blocklist.
34
+ */
35
+ PhishingDetectorResultType["C2DomainBlocklist"] = "c2DomainBlocklist";
36
+ })(PhishingDetectorResultType || (PhishingDetectorResultType = {}));
8
37
  //# sourceMappingURL=types.mjs.map
@@ -1 +1 @@
1
- {"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}
1
+ {"version":3,"file":"types.mjs","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAsCA;;GAEG;AACH,MAAM,CAAN,IAAY,0BA+BX;AA/BD,WAAY,0BAA0B;IACpC;;OAEG;IACH,yCAAW,CAAA;IACX;;OAEG;IACH,6CAAe,CAAA;IACf;;OAEG;IACH,qDAAuB,CAAA;IACvB;;OAEG;IACH,qDAAuB,CAAA;IACvB;;;OAGG;IACH,qDAAuB,CAAA;IACvB;;;OAGG;IACH,qDAAuB,CAAA;IACvB;;OAEG;IACH,qEAAuC,CAAA;AACzC,CAAC,EA/BW,0BAA0B,KAA1B,0BAA0B,QA+BrC","sourcesContent":["/**\n * Represents the result of checking a domain.\n */\nexport type PhishingDetectorResult = {\n /**\n * The name of the configuration object in which the domain was found within\n * an allowlist, blocklist, or fuzzylist.\n */\n name?: string;\n /**\n * The version associated with the configuration object in which the domain\n * was found within an allowlist, blocklist, or fuzzylist.\n */\n version?: string;\n /**\n * Whether the domain is regarded as allowed (true) or not (false).\n */\n result: boolean;\n /**\n * A normalized version of the domain, which is only constructed if the domain\n * is found within a list.\n */\n match?: string;\n /**\n * Which type of list in which the domain was found.\n *\n * - \"allowlist\" means that the domain was found in the allowlist.\n * - \"blocklist\" means that the domain was found in the blocklist.\n * - \"fuzzy\" means that the domain was found in the fuzzylist.\n * - \"blacklist\" means that the domain was found in a blacklist of a legacy\n * configuration object.\n * - \"whitelist\" means that the domain was found in a whitelist of a legacy\n * configuration object.\n * - \"all\" means that the domain was not found in any list.\n */\n type: PhishingDetectorResultType;\n};\n\n/**\n * The type of list in which the domain was found.\n */\nexport enum PhishingDetectorResultType {\n /*\n * \"all\" means that the domain was not found in any list.\n */\n All = 'all',\n /*\n * \"fuzzy\" means that the domain was found in the fuzzylist.\n */\n Fuzzy = 'fuzzy',\n /*\n * \"blocklist\" means that the domain was found in the blocklist.\n */\n Blocklist = 'blocklist',\n /*\n * \"allowlist\" means that the domain was found in the allowlist.\n */\n Allowlist = 'allowlist',\n /*\n * \"blacklist\" means that the domain was found in a blacklist of a legacy\n * configuration object.\n */\n Blacklist = 'blacklist',\n /*\n * \"whitelist\" means that the domain was found in a whitelist of a legacy\n * configuration object.\n */\n Whitelist = 'whitelist',\n /*\n * \"c2DomainBlocklist\" means that the domain was found in the C2 domain blocklist.\n */\n C2DomainBlocklist = 'c2DomainBlocklist',\n}\n"]}
package/dist/utils.cjs ADDED
@@ -0,0 +1,242 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.getHostnameFromUrl = exports.sha256Hash = exports.matchPartsAgainstList = exports.domainPartsToFuzzyForm = exports.domainPartsToDomain = exports.processConfigs = exports.getDefaultPhishingDetectorConfig = exports.processDomainList = exports.domainToParts = exports.validateConfig = exports.applyDiffs = exports.roundToNearestMinute = exports.fetchTimeNow = void 0;
4
+ const utils_1 = require("@noble/hashes/utils");
5
+ const sha256_1 = require("ethereum-cryptography/sha256");
6
+ const PhishingController_1 = require("./PhishingController.cjs");
7
+ const DEFAULT_TOLERANCE = 3;
8
+ /**
9
+ * Fetches current epoch time in seconds.
10
+ *
11
+ * @returns the Date.now() time in seconds instead of miliseconds. backend files rely on timestamps in seconds since epoch.
12
+ */
13
+ const fetchTimeNow = () => Math.round(Date.now() / 1000);
14
+ exports.fetchTimeNow = fetchTimeNow;
15
+ /**
16
+ * Rounds a Unix timestamp down to the nearest minute.
17
+ *
18
+ * @param unixTimestamp - The Unix timestamp to be rounded.
19
+ * @returns The rounded Unix timestamp.
20
+ */
21
+ function roundToNearestMinute(unixTimestamp) {
22
+ return Math.floor(unixTimestamp / 60) * 60;
23
+ }
24
+ exports.roundToNearestMinute = roundToNearestMinute;
25
+ /**
26
+ * Split a string into two pieces, using the first period as the delimiter.
27
+ *
28
+ * @param stringToSplit - The string to split.
29
+ * @returns An array of length two containing the beginning and end of the string.
30
+ */
31
+ const splitStringByPeriod = (stringToSplit) => {
32
+ const periodIndex = stringToSplit.indexOf('.');
33
+ return [
34
+ stringToSplit.slice(0, periodIndex),
35
+ stringToSplit.slice(periodIndex + 1),
36
+ ];
37
+ };
38
+ /**
39
+ * Determines which diffs are applicable to the listState, then applies those diffs.
40
+ *
41
+ * @param listState - the stalelist or the existing liststate that diffs will be applied to.
42
+ * @param hotlistDiffs - the diffs to apply to the listState if valid.
43
+ * @param listKey - the key associated with the input/output phishing list state.
44
+ * @param recentlyAddedC2Domains - list of hashed C2 domains to add to the local c2 domain blocklist
45
+ * @param recentlyRemovedC2Domains - list of hashed C2 domains to remove from the local c2 domain blocklist
46
+ * @returns the new list state
47
+ */
48
+ const applyDiffs = (listState, hotlistDiffs, listKey, recentlyAddedC2Domains = [], recentlyRemovedC2Domains = []) => {
49
+ // filter to remove diffs that were added before the lastUpdate time.
50
+ // filter to remove diffs that aren't applicable to the specified list (by listKey).
51
+ const diffsToApply = hotlistDiffs.filter(({ timestamp, targetList }) => timestamp > listState.lastUpdated &&
52
+ splitStringByPeriod(targetList)[0] === listKey);
53
+ // the reason behind using latestDiffTimestamp as the lastUpdated time
54
+ // is so that we can benefit server-side from memoization due to end client's
55
+ // `GET /v1/diffSince/:timestamp` requests lining up with
56
+ // our periodic updates (which create diffs at specific timestamps).
57
+ let latestDiffTimestamp = listState.lastUpdated;
58
+ const listSets = {
59
+ allowlist: new Set(listState.allowlist),
60
+ blocklist: new Set(listState.blocklist),
61
+ fuzzylist: new Set(listState.fuzzylist),
62
+ c2DomainBlocklist: new Set(listState.c2DomainBlocklist),
63
+ };
64
+ for (const { isRemoval, targetList, url, timestamp } of diffsToApply) {
65
+ const targetListType = splitStringByPeriod(targetList)[1];
66
+ if (timestamp > latestDiffTimestamp) {
67
+ latestDiffTimestamp = timestamp;
68
+ }
69
+ if (isRemoval) {
70
+ listSets[targetListType].delete(url);
71
+ }
72
+ else {
73
+ listSets[targetListType].add(url);
74
+ }
75
+ }
76
+ if (listKey === PhishingController_1.ListKeys.EthPhishingDetectConfig) {
77
+ for (const hash of recentlyAddedC2Domains) {
78
+ listSets.c2DomainBlocklist.add(hash);
79
+ }
80
+ for (const hash of recentlyRemovedC2Domains) {
81
+ listSets.c2DomainBlocklist.delete(hash);
82
+ }
83
+ }
84
+ return {
85
+ c2DomainBlocklist: Array.from(listSets.c2DomainBlocklist),
86
+ allowlist: Array.from(listSets.allowlist),
87
+ blocklist: Array.from(listSets.blocklist),
88
+ fuzzylist: Array.from(listSets.fuzzylist),
89
+ version: listState.version,
90
+ name: PhishingController_1.phishingListKeyNameMap[listKey],
91
+ tolerance: listState.tolerance,
92
+ lastUpdated: latestDiffTimestamp,
93
+ };
94
+ };
95
+ exports.applyDiffs = applyDiffs;
96
+ /**
97
+ * Validates the configuration object for the phishing detector.
98
+ *
99
+ * @param config - the configuration object to validate.
100
+ * @throws an error if the configuration is invalid.
101
+ */
102
+ function validateConfig(config) {
103
+ if (config === null || typeof config !== 'object') {
104
+ throw new Error('Invalid config');
105
+ }
106
+ if ('tolerance' in config && !('fuzzylist' in config)) {
107
+ throw new Error('Fuzzylist tolerance provided without fuzzylist');
108
+ }
109
+ if ('name' in config &&
110
+ (typeof config.name !== 'string' || config.name === '')) {
111
+ throw new Error("Invalid config parameter: 'name'");
112
+ }
113
+ if ('version' in config &&
114
+ (!['number', 'string'].includes(typeof config.version) ||
115
+ config.version === '')) {
116
+ throw new Error("Invalid config parameter: 'version'");
117
+ }
118
+ }
119
+ exports.validateConfig = validateConfig;
120
+ /**
121
+ * Converts a domain string to a list of domain parts.
122
+ *
123
+ * @param domain - the domain string to convert.
124
+ * @returns the list of domain parts.
125
+ */
126
+ const domainToParts = (domain) => {
127
+ try {
128
+ return domain.split('.').reverse();
129
+ }
130
+ catch (e) {
131
+ throw new Error(JSON.stringify(domain));
132
+ }
133
+ };
134
+ exports.domainToParts = domainToParts;
135
+ /**
136
+ * Converts a list of domain strings to a list of domain parts.
137
+ *
138
+ * @param list - the list of domain strings to convert.
139
+ * @returns the list of domain parts.
140
+ */
141
+ const processDomainList = (list) => {
142
+ return list.map(exports.domainToParts);
143
+ };
144
+ exports.processDomainList = processDomainList;
145
+ /**
146
+ * Gets the default phishing detector configuration.
147
+ *
148
+ * @param override - the optional override for the configuration.
149
+ * @param override.allowlist - the optional allowlist to override.
150
+ * @param override.blocklist - the optional blocklist to override.
151
+ * @param override.c2DomainBlocklist - the optional c2DomainBlocklist to override.
152
+ * @param override.fuzzylist - the optional fuzzylist to override.
153
+ * @param override.tolerance - the optional tolerance to override.
154
+ * @returns the default phishing detector configuration.
155
+ */
156
+ const getDefaultPhishingDetectorConfig = ({ allowlist = [], blocklist = [], fuzzylist = [], tolerance = DEFAULT_TOLERANCE, }) => ({
157
+ allowlist: (0, exports.processDomainList)(allowlist),
158
+ blocklist: (0, exports.processDomainList)(blocklist),
159
+ fuzzylist: (0, exports.processDomainList)(fuzzylist),
160
+ tolerance,
161
+ });
162
+ exports.getDefaultPhishingDetectorConfig = getDefaultPhishingDetectorConfig;
163
+ /**
164
+ * Processes the configurations for the phishing detector.
165
+ *
166
+ * @param configs - the configurations to process.
167
+ * @returns the processed configurations.
168
+ */
169
+ const processConfigs = (configs = []) => {
170
+ return configs.map((config) => {
171
+ validateConfig(config);
172
+ return { ...config, ...(0, exports.getDefaultPhishingDetectorConfig)(config) };
173
+ });
174
+ };
175
+ exports.processConfigs = processConfigs;
176
+ /**
177
+ * Converts a list of domain parts to a domain string.
178
+ *
179
+ * @param domainParts - the list of domain parts.
180
+ * @returns the domain string.
181
+ */
182
+ const domainPartsToDomain = (domainParts) => {
183
+ return domainParts.slice().reverse().join('.');
184
+ };
185
+ exports.domainPartsToDomain = domainPartsToDomain;
186
+ /**
187
+ * Converts a list of domain parts to a fuzzy form.
188
+ *
189
+ * @param domainParts - the list of domain parts.
190
+ * @returns the fuzzy form of the domain.
191
+ */
192
+ const domainPartsToFuzzyForm = (domainParts) => {
193
+ return domainParts.slice(1).reverse().join('.');
194
+ };
195
+ exports.domainPartsToFuzzyForm = domainPartsToFuzzyForm;
196
+ /**
197
+ * Matches the target parts, ignoring extra subdomains on source.
198
+ *
199
+ * @param source - the source domain parts.
200
+ * @param list - the list of domain parts to match against.
201
+ * @returns the parts for the first found matching entry.
202
+ */
203
+ const matchPartsAgainstList = (source, list) => {
204
+ return list.find((target) => {
205
+ // target domain has more parts than source, fail
206
+ if (target.length > source.length) {
207
+ return false;
208
+ }
209
+ // source matches target or (is deeper subdomain)
210
+ return target.every((part, index) => source[index] === part);
211
+ });
212
+ };
213
+ exports.matchPartsAgainstList = matchPartsAgainstList;
214
+ /**
215
+ * Generate the SHA-256 hash of a hostname.
216
+ *
217
+ * @param hostname - The hostname to hash.
218
+ * @returns The SHA-256 hash of the hostname.
219
+ */
220
+ const sha256Hash = (hostname) => {
221
+ const hashBuffer = (0, sha256_1.sha256)(new TextEncoder().encode(hostname.toLowerCase()));
222
+ return (0, utils_1.bytesToHex)(hashBuffer);
223
+ };
224
+ exports.sha256Hash = sha256Hash;
225
+ /**
226
+ * Extracts the hostname from a URL.
227
+ *
228
+ * @param url - The URL to extract the hostname from.
229
+ * @returns The hostname extracted from the URL, or null if the URL is invalid.
230
+ */
231
+ const getHostnameFromUrl = (url) => {
232
+ let hostname;
233
+ try {
234
+ hostname = new URL(url).hostname;
235
+ }
236
+ catch (error) {
237
+ return null;
238
+ }
239
+ return hostname;
240
+ };
241
+ exports.getHostnameFromUrl = getHostnameFromUrl;
242
+ //# sourceMappingURL=utils.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"utils.cjs","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":";;;AAAA,+CAAiD;AACjD,yDAAsD;AAGtD,iEAAwE;AAMxE,MAAM,iBAAiB,GAAG,CAAC,CAAC;AAE5B;;;;GAIG;AACI,MAAM,YAAY,GAAG,GAAW,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AAA3D,QAAA,YAAY,gBAA+C;AAExE;;;;;GAKG;AACH,SAAgB,oBAAoB,CAAC,aAAqB;IACxD,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC;AAC7C,CAAC;AAFD,oDAEC;AAED;;;;;GAKG;AACH,MAAM,mBAAmB,GAAG,CAC1B,aAAgC,EAClB,EAAE;IAChB,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/C,OAAO;QACL,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAU;QAC5C,aAAa,CAAC,KAAK,CAAC,WAAW,GAAG,CAAC,CAAQ;KAC5C,CAAC;AACJ,CAAC,CAAC;AAEF;;;;;;;;;GASG;AACI,MAAM,UAAU,GAAG,CACxB,SAA4B,EAC5B,YAAqB,EACrB,OAAiB,EACjB,yBAAmC,EAAE,EACrC,2BAAqC,EAAE,EACpB,EAAE;IACrB,qEAAqE;IACrE,oFAAoF;IACpF,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CACtC,CAAC,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,CAC5B,SAAS,GAAG,SAAS,CAAC,WAAW;QACjC,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,OAAO,CACjD,CAAC;IAEF,sEAAsE;IACtE,6EAA6E;IAC7E,yDAAyD;IACzD,oEAAoE;IACpE,IAAI,mBAAmB,GAAG,SAAS,CAAC,WAAW,CAAC;IAEhD,MAAM,QAAQ,GAAG;QACf,SAAS,EAAE,IAAI,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC;QACvC,SAAS,EAAE,IAAI,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC;QACvC,SAAS,EAAE,IAAI,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC;QACvC,iBAAiB,EAAE,IAAI,GAAG,CAAC,SAAS,CAAC,iBAAiB,CAAC;KACxD,CAAC;IACF,KAAK,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,YAAY,EAAE;QACpE,MAAM,cAAc,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1D,IAAI,SAAS,GAAG,mBAAmB,EAAE;YACnC,mBAAmB,GAAG,SAAS,CAAC;SACjC;QACD,IAAI,SAAS,EAAE;YACb,QAAQ,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SACtC;aAAM;YACL,QAAQ,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;SACnC;KACF;IAED,IAAI,OAAO,KAAK,6BAAQ,CAAC,uBAAuB,EAAE;QAChD,KAAK,MAAM,IAAI,IAAI,sBAAsB,EAAE;YACzC,QAAQ,CAAC,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;SACtC;QACD,KAAK,MAAM,IAAI,IAAI,wBAAwB,EAAE;YAC3C,QAAQ,CAAC,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;SACzC;KACF;IAED,OAAO;QACL,iBAAiB,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC;QACzD,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;QACzC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;QACzC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;QACzC,OAAO,EAAE,SAAS,CAAC,OAAO;QAC1B,IAAI,EAAE,2CAAsB,CAAC,OAAO,CAAC;QACrC,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,WAAW,EAAE,mBAAmB;KACjC,CAAC;AACJ,CAAC,CAAC;AA1DW,QAAA,UAAU,cA0DrB;AAEF;;;;;GAKG;AACH,SAAgB,cAAc,CAC5B,MAAe;IAEf,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE;QACjD,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;KACnC;IAED,IAAI,WAAW,IAAI,MAAM,IAAI,CAAC,CAAC,WAAW,IAAI,MAAM,CAAC,EAAE;QACrD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;KACnE;IAED,IACE,MAAM,IAAI,MAAM;QAChB,CAAC,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC,EACvD;QACA,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;KACrD;IAED,IACE,SAAS,IAAI,MAAM;QACnB,CAAC,CAAC,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,MAAM,CAAC,OAAO,CAAC;YACpD,MAAM,CAAC,OAAO,KAAK,EAAE,CAAC,EACxB;QACA,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;KACxD;AACH,CAAC;AAzBD,wCAyBC;AAED;;;;;GAKG;AACI,MAAM,aAAa,GAAG,CAAC,MAAc,EAAE,EAAE;IAC9C,IAAI;QACF,OAAO,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;KACpC;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;KACzC;AACH,CAAC,CAAC;AANW,QAAA,aAAa,iBAMxB;AAEF;;;;;GAKG;AACI,MAAM,iBAAiB,GAAG,CAAC,IAAc,EAAE,EAAE;IAClD,OAAO,IAAI,CAAC,GAAG,CAAC,qBAAa,CAAC,CAAC;AACjC,CAAC,CAAC;AAFW,QAAA,iBAAiB,qBAE5B;AAEF;;;;;;;;;;GAUG;AACI,MAAM,gCAAgC,GAAG,CAAC,EAC/C,SAAS,GAAG,EAAE,EACd,SAAS,GAAG,EAAE,EACd,SAAS,GAAG,EAAE,EACd,SAAS,GAAG,iBAAiB,GAO9B,EAAiC,EAAE,CAAC,CAAC;IACpC,SAAS,EAAE,IAAA,yBAAiB,EAAC,SAAS,CAAC;IACvC,SAAS,EAAE,IAAA,yBAAiB,EAAC,SAAS,CAAC;IACvC,SAAS,EAAE,IAAA,yBAAiB,EAAC,SAAS,CAAC;IACvC,SAAS;CACV,CAAC,CAAC;AAhBU,QAAA,gCAAgC,oCAgB1C;AAEH;;;;;GAKG;AACI,MAAM,cAAc,GAAG,CAAC,UAAkC,EAAE,EAAE,EAAE;IACrE,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,MAA4B,EAAE,EAAE;QAClD,cAAc,CAAC,MAAM,CAAC,CAAC;QACvB,OAAO,EAAE,GAAG,MAAM,EAAE,GAAG,IAAA,wCAAgC,EAAC,MAAM,CAAC,EAAE,CAAC;IACpE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AALW,QAAA,cAAc,kBAKzB;AAEF;;;;;GAKG;AACI,MAAM,mBAAmB,GAAG,CAAC,WAAqB,EAAE,EAAE;IAC3D,OAAO,WAAW,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACjD,CAAC,CAAC;AAFW,QAAA,mBAAmB,uBAE9B;AAEF;;;;;GAKG;AACI,MAAM,sBAAsB,GAAG,CAAC,WAAqB,EAAE,EAAE;IAC9D,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,CAAC,CAAC;AAFW,QAAA,sBAAsB,0BAEjC;AAEF;;;;;;GAMG;AACI,MAAM,qBAAqB,GAAG,CAAC,MAAgB,EAAE,IAAgB,EAAE,EAAE;IAC1E,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;QAC1B,iDAAiD;QACjD,IAAI,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE;YACjC,OAAO,KAAK,CAAC;SACd;QACD,iDAAiD;QACjD,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AATW,QAAA,qBAAqB,yBAShC;AAEF;;;;;GAKG;AACI,MAAM,UAAU,GAAG,CAAC,QAAgB,EAAU,EAAE;IACrD,MAAM,UAAU,GAAG,IAAA,eAAM,EAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAC5E,OAAO,IAAA,kBAAU,EAAC,UAAU,CAAC,CAAC;AAChC,CAAC,CAAC;AAHW,QAAA,UAAU,cAGrB;AAEF;;;;;GAKG;AACI,MAAM,kBAAkB,GAAG,CAAC,GAAW,EAAiB,EAAE;IAC/D,IAAI,QAAQ,CAAC;IACb,IAAI;QACF,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;KAClC;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,IAAI,CAAC;KACb;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AARW,QAAA,kBAAkB,sBAQ7B","sourcesContent":["import { bytesToHex } from '@noble/hashes/utils';\nimport { sha256 } from 'ethereum-cryptography/sha256';\n\nimport type { Hotlist, PhishingListState } from './PhishingController';\nimport { ListKeys, phishingListKeyNameMap } from './PhishingController';\nimport type {\n PhishingDetectorList,\n PhishingDetectorConfiguration,\n} from './PhishingDetector';\n\nconst DEFAULT_TOLERANCE = 3;\n\n/**\n * Fetches current epoch time in seconds.\n *\n * @returns the Date.now() time in seconds instead of miliseconds. backend files rely on timestamps in seconds since epoch.\n */\nexport const fetchTimeNow = (): number => Math.round(Date.now() / 1000);\n\n/**\n * Rounds a Unix timestamp down to the nearest minute.\n *\n * @param unixTimestamp - The Unix timestamp to be rounded.\n * @returns The rounded Unix timestamp.\n */\nexport function roundToNearestMinute(unixTimestamp: number): number {\n return Math.floor(unixTimestamp / 60) * 60;\n}\n\n/**\n * Split a string into two pieces, using the first period as the delimiter.\n *\n * @param stringToSplit - The string to split.\n * @returns An array of length two containing the beginning and end of the string.\n */\nconst splitStringByPeriod = <Start extends string, End extends string>(\n stringToSplit: `${Start}.${End}`,\n): [Start, End] => {\n const periodIndex = stringToSplit.indexOf('.');\n return [\n stringToSplit.slice(0, periodIndex) as Start,\n stringToSplit.slice(periodIndex + 1) as End,\n ];\n};\n\n/**\n * Determines which diffs are applicable to the listState, then applies those diffs.\n *\n * @param listState - the stalelist or the existing liststate that diffs will be applied to.\n * @param hotlistDiffs - the diffs to apply to the listState if valid.\n * @param listKey - the key associated with the input/output phishing list state.\n * @param recentlyAddedC2Domains - list of hashed C2 domains to add to the local c2 domain blocklist\n * @param recentlyRemovedC2Domains - list of hashed C2 domains to remove from the local c2 domain blocklist\n * @returns the new list state\n */\nexport const applyDiffs = (\n listState: PhishingListState,\n hotlistDiffs: Hotlist,\n listKey: ListKeys,\n recentlyAddedC2Domains: string[] = [],\n recentlyRemovedC2Domains: string[] = [],\n): PhishingListState => {\n // filter to remove diffs that were added before the lastUpdate time.\n // filter to remove diffs that aren't applicable to the specified list (by listKey).\n const diffsToApply = hotlistDiffs.filter(\n ({ timestamp, targetList }) =>\n timestamp > listState.lastUpdated &&\n splitStringByPeriod(targetList)[0] === listKey,\n );\n\n // the reason behind using latestDiffTimestamp as the lastUpdated time\n // is so that we can benefit server-side from memoization due to end client's\n // `GET /v1/diffSince/:timestamp` requests lining up with\n // our periodic updates (which create diffs at specific timestamps).\n let latestDiffTimestamp = listState.lastUpdated;\n\n const listSets = {\n allowlist: new Set(listState.allowlist),\n blocklist: new Set(listState.blocklist),\n fuzzylist: new Set(listState.fuzzylist),\n c2DomainBlocklist: new Set(listState.c2DomainBlocklist),\n };\n for (const { isRemoval, targetList, url, timestamp } of diffsToApply) {\n const targetListType = splitStringByPeriod(targetList)[1];\n if (timestamp > latestDiffTimestamp) {\n latestDiffTimestamp = timestamp;\n }\n if (isRemoval) {\n listSets[targetListType].delete(url);\n } else {\n listSets[targetListType].add(url);\n }\n }\n\n if (listKey === ListKeys.EthPhishingDetectConfig) {\n for (const hash of recentlyAddedC2Domains) {\n listSets.c2DomainBlocklist.add(hash);\n }\n for (const hash of recentlyRemovedC2Domains) {\n listSets.c2DomainBlocklist.delete(hash);\n }\n }\n\n return {\n c2DomainBlocklist: Array.from(listSets.c2DomainBlocklist),\n allowlist: Array.from(listSets.allowlist),\n blocklist: Array.from(listSets.blocklist),\n fuzzylist: Array.from(listSets.fuzzylist),\n version: listState.version,\n name: phishingListKeyNameMap[listKey],\n tolerance: listState.tolerance,\n lastUpdated: latestDiffTimestamp,\n };\n};\n\n/**\n * Validates the configuration object for the phishing detector.\n *\n * @param config - the configuration object to validate.\n * @throws an error if the configuration is invalid.\n */\nexport function validateConfig(\n config: unknown,\n): asserts config is PhishingListState {\n if (config === null || typeof config !== 'object') {\n throw new Error('Invalid config');\n }\n\n if ('tolerance' in config && !('fuzzylist' in config)) {\n throw new Error('Fuzzylist tolerance provided without fuzzylist');\n }\n\n if (\n 'name' in config &&\n (typeof config.name !== 'string' || config.name === '')\n ) {\n throw new Error(\"Invalid config parameter: 'name'\");\n }\n\n if (\n 'version' in config &&\n (!['number', 'string'].includes(typeof config.version) ||\n config.version === '')\n ) {\n throw new Error(\"Invalid config parameter: 'version'\");\n }\n}\n\n/**\n * Converts a domain string to a list of domain parts.\n *\n * @param domain - the domain string to convert.\n * @returns the list of domain parts.\n */\nexport const domainToParts = (domain: string) => {\n try {\n return domain.split('.').reverse();\n } catch (e) {\n throw new Error(JSON.stringify(domain));\n }\n};\n\n/**\n * Converts a list of domain strings to a list of domain parts.\n *\n * @param list - the list of domain strings to convert.\n * @returns the list of domain parts.\n */\nexport const processDomainList = (list: string[]) => {\n return list.map(domainToParts);\n};\n\n/**\n * Gets the default phishing detector configuration.\n *\n * @param override - the optional override for the configuration.\n * @param override.allowlist - the optional allowlist to override.\n * @param override.blocklist - the optional blocklist to override.\n * @param override.c2DomainBlocklist - the optional c2DomainBlocklist to override.\n * @param override.fuzzylist - the optional fuzzylist to override.\n * @param override.tolerance - the optional tolerance to override.\n * @returns the default phishing detector configuration.\n */\nexport const getDefaultPhishingDetectorConfig = ({\n allowlist = [],\n blocklist = [],\n fuzzylist = [],\n tolerance = DEFAULT_TOLERANCE,\n}: {\n allowlist?: string[];\n blocklist?: string[];\n c2DomainBlocklist?: string[];\n fuzzylist?: string[];\n tolerance?: number;\n}): PhishingDetectorConfiguration => ({\n allowlist: processDomainList(allowlist),\n blocklist: processDomainList(blocklist),\n fuzzylist: processDomainList(fuzzylist),\n tolerance,\n});\n\n/**\n * Processes the configurations for the phishing detector.\n *\n * @param configs - the configurations to process.\n * @returns the processed configurations.\n */\nexport const processConfigs = (configs: PhishingDetectorList[] = []) => {\n return configs.map((config: PhishingDetectorList) => {\n validateConfig(config);\n return { ...config, ...getDefaultPhishingDetectorConfig(config) };\n });\n};\n\n/**\n * Converts a list of domain parts to a domain string.\n *\n * @param domainParts - the list of domain parts.\n * @returns the domain string.\n */\nexport const domainPartsToDomain = (domainParts: string[]) => {\n return domainParts.slice().reverse().join('.');\n};\n\n/**\n * Converts a list of domain parts to a fuzzy form.\n *\n * @param domainParts - the list of domain parts.\n * @returns the fuzzy form of the domain.\n */\nexport const domainPartsToFuzzyForm = (domainParts: string[]) => {\n return domainParts.slice(1).reverse().join('.');\n};\n\n/**\n * Matches the target parts, ignoring extra subdomains on source.\n *\n * @param source - the source domain parts.\n * @param list - the list of domain parts to match against.\n * @returns the parts for the first found matching entry.\n */\nexport const matchPartsAgainstList = (source: string[], list: string[][]) => {\n return list.find((target) => {\n // target domain has more parts than source, fail\n if (target.length > source.length) {\n return false;\n }\n // source matches target or (is deeper subdomain)\n return target.every((part, index) => source[index] === part);\n });\n};\n\n/**\n * Generate the SHA-256 hash of a hostname.\n *\n * @param hostname - The hostname to hash.\n * @returns The SHA-256 hash of the hostname.\n */\nexport const sha256Hash = (hostname: string): string => {\n const hashBuffer = sha256(new TextEncoder().encode(hostname.toLowerCase()));\n return bytesToHex(hashBuffer);\n};\n\n/**\n * Extracts the hostname from a URL.\n *\n * @param url - The URL to extract the hostname from.\n * @returns The hostname extracted from the URL, or null if the URL is invalid.\n */\nexport const getHostnameFromUrl = (url: string): string | null => {\n let hostname;\n try {\n hostname = new URL(url).hostname;\n } catch (error) {\n return null;\n }\n return hostname;\n};\n"]}
@@ -1,6 +1,6 @@
1
- import type { Hotlist, PhishingListState } from './PhishingController';
2
- import { ListKeys } from './PhishingController';
3
- import type { PhishingDetectorList, PhishingDetectorConfiguration } from './PhishingDetector';
1
+ import type { Hotlist, PhishingListState } from "./PhishingController.cjs";
2
+ import { ListKeys } from "./PhishingController.cjs";
3
+ import type { PhishingDetectorList, PhishingDetectorConfiguration } from "./PhishingDetector.cjs";
4
4
  /**
5
5
  * Fetches current epoch time in seconds.
6
6
  *
@@ -116,4 +116,4 @@ export declare const sha256Hash: (hostname: string) => string;
116
116
  * @returns The hostname extracted from the URL, or null if the URL is invalid.
117
117
  */
118
118
  export declare const getHostnameFromUrl: (url: string) => string | null;
119
- //# sourceMappingURL=utils.d.ts.map
119
+ //# sourceMappingURL=utils.d.cts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"utils.d.cts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,iBAAiB,EAAE,iCAA6B;AACvE,OAAO,EAAE,QAAQ,EAA0B,iCAA6B;AACxE,OAAO,KAAK,EACV,oBAAoB,EACpB,6BAA6B,EAC9B,+BAA2B;AAI5B;;;;GAIG;AACH,eAAO,MAAM,YAAY,QAAO,MAAuC,CAAC;AAExE;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,CAElE;AAkBD;;;;;;;;;GASG;AACH,eAAO,MAAM,UAAU,cACV,iBAAiB,kCAEnB,QAAQ,2BACO,MAAM,EAAE,6BACN,MAAM,EAAE,KACjC,iBAoDF,CAAC;AAEF;;;;;GAKG;AACH,wBAAgB,cAAc,CAC5B,MAAM,EAAE,OAAO,GACd,OAAO,CAAC,MAAM,IAAI,iBAAiB,CAuBrC;AAED;;;;;GAKG;AACH,eAAO,MAAM,aAAa,WAAY,MAAM,aAM3C,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB,SAAU,MAAM,EAAE,eAE/C,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,gCAAgC;;;;;;MAWzC,6BAKF,CAAC;AAEH;;;;;GAKG;AACH,eAAO,MAAM,cAAc,aAAa,oBAAoB,EAAE;;;;;;;;;GAK7D,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,mBAAmB,gBAAiB,MAAM,EAAE,WAExD,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,sBAAsB,gBAAiB,MAAM,EAAE,WAE3D,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,qBAAqB,WAAY,MAAM,EAAE,QAAQ,MAAM,EAAE,EAAE,yBASvE,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,UAAU,aAAc,MAAM,KAAG,MAG7C,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,kBAAkB,QAAS,MAAM,KAAG,MAAM,GAAG,IAQzD,CAAC"}