[PM-4531] feat: completely disable fido2 injection for excluded sites (#6801)

This commit is contained in:
Andreas Coroiu 2023-11-06 17:13:24 +01:00 committed by GitHub
parent e88d0acc8d
commit 200189c895
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 43 additions and 9 deletions

View File

@ -1,18 +1,46 @@
import { Message, MessageType } from "./messaging/message";
import { Messenger } from "./messaging/messenger";
function checkFido2FeatureEnabled() {
function isFido2FeatureEnabled(): Promise<boolean> {
return new Promise((resolve) => {
chrome.runtime.sendMessage(
{ command: "checkFido2FeatureEnabled" },
(response: { result?: boolean }) => initializeFido2ContentScript(response.result)
(response: { result?: boolean }) => resolve(response.result)
);
});
}
function initializeFido2ContentScript(isFido2FeatureEnabled: boolean) {
if (isFido2FeatureEnabled !== true) {
return;
async function getFromLocalStorage(keys: string | string[]): Promise<Record<string, any>> {
return new Promise((resolve) => {
chrome.storage.local.get(keys, (storage: Record<string, any>) => resolve(storage));
});
}
async function isDomainExcluded() {
// TODO: This is code copied from `notification-bar.tsx`. We should refactor this into a shared function.
// Look up the active user id from storage
const activeUserIdKey = "activeUserId";
let activeUserId: string;
const activeUserStorageValue = await getFromLocalStorage(activeUserIdKey);
if (activeUserStorageValue[activeUserIdKey]) {
activeUserId = activeUserStorageValue[activeUserIdKey];
}
// Look up the user's settings from storage
const userSettingsStorageValue = await getFromLocalStorage(activeUserId);
const excludedDomains = userSettingsStorageValue[activeUserId]?.settings?.neverDomains;
return excludedDomains && window.location.hostname in excludedDomains;
}
async function hasActiveUser() {
const activeUserIdKey = "activeUserId";
const activeUserStorageValue = await getFromLocalStorage(activeUserIdKey);
return activeUserStorageValue[activeUserIdKey] !== undefined;
}
function initializeFido2ContentScript() {
const s = document.createElement("script");
s.src = chrome.runtime.getURL("content/fido2/page-script.js");
(document.head || document.documentElement).appendChild(s);
@ -78,4 +106,10 @@ function initializeFido2ContentScript(isFido2FeatureEnabled: boolean) {
};
}
checkFido2FeatureEnabled();
async function run() {
if ((await hasActiveUser()) && (await isFido2FeatureEnabled()) && !(await isDomainExcluded())) {
initializeFido2ContentScript();
}
}
run();