From 6174c00c1036e77e1dc2ec39f20cf3a2a8518a21 Mon Sep 17 00:00:00 2001
From: Saptak Sengupta <saptak013@gmail.com>
Date: Fri, 16 Mar 2018 11:20:34 +0530
Subject: Inject Script: Blacklist domains where not to inject script

Put a blacklist domain check where if the page url is in the list
of blacklisted domains, we shouldn't inject script in that web page.
---
 app/scripts/contentscript.js | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

(limited to 'app/scripts/contentscript.js')

diff --git a/app/scripts/contentscript.js b/app/scripts/contentscript.js
index 2ed7c87b6..7abbc60e7 100644
--- a/app/scripts/contentscript.js
+++ b/app/scripts/contentscript.js
@@ -96,7 +96,8 @@ function logStreamDisconnectWarning (remoteLabel, err) {
 }
 
 function shouldInjectWeb3 () {
-  return doctypeCheck() && suffixCheck() && documentElementCheck()
+  return doctypeCheck() && suffixCheck() 
+    && documentElementCheck() && !blacklistedDomainCheck()
 }
 
 function doctypeCheck () {
@@ -129,6 +130,20 @@ function documentElementCheck () {
   return true
 }
 
+function blacklistedDomainCheck () {
+  var blacklistedDomains = ['uscourts.gov', 'dropbox.com']
+  var currentUrl = window.location.href
+  var currentRegex
+  for (let i = 0; i < blacklistedDomains.length; i++) {
+    const blacklistedDomain = blacklistedDomains[i].replace('.', '\\.')
+    currentRegex = new RegExp(`(?:https?:\\/\\/)(?:(?!${blacklistedDomain}).)*$`)
+    if (!currentRegex.test(currentUrl)) {
+      return true
+    }
+  }
+  return false
+}
+
 function redirectToPhishingWarning () {
   console.log('MetaMask - redirecting to phishing warning')
   window.location.href = 'https://metamask.io/phishing.html'
-- 
cgit