Request filtering in main process2 #16264
Conversation
peter-sanderson
force-pushed
the
request-filtering-in-main-process
branch
from
0d4c182 to
e9c5d25
Compare
peter-sanderson
force-pushed
the
request-filtering-in-main-process2
branch
2 times, most recently
from
4c3b80a to
7c52991
Compare
|
🚀 Expo preview is ready!
|
peter-sanderson
force-pushed
the
request-filtering-in-main-process2
branch
from
7c52991 to
80d2247
Compare
trezor-ci
force-pushed
the
request-filtering-in-main-process
branch
from
e9c5d25 to
b5528cc
Compare
peter-sanderson
changed the base branch from
request-filtering-in-main-process
to
develop
peter-sanderson
force-pushed
the
request-filtering-in-main-process2
branch
6 times, most recently
from
2023d2c to
053106c
Compare
peter-sanderson
force-pushed
the
request-filtering-in-main-process2
branch
from
053106c to
685fb18
Compare
| return whitelist.some( | ||
| whitelistedUrl => | ||
| whitelistedUrl === hostname || | ||
| // Todo: this .endsWith() seems fishy to me, why we need this? |
There was a problem hiding this comment.
I plan to try to remove this together with sldev in next PR and we'll see what breaks 😁
There was a problem hiding this comment.
Since this fn is called only with hostname extracted from the url, then we are safe that you cannot loophole it like that:
http://scammy-url.net?uselessParam=trezor.io
I think this is necessary to allows subdomains: btc1.trezor.io (would break? ), or anything.that.ends.with.trezor.io which is guaranteed not to be scammy-url.net so it's ok ✔️
peter-sanderson
force-pushed
the
request-filtering-in-main-process2
branch
4 times, most recently
from
81d0bd8 to
a40a5be
Compare
| @@ -2,9 +2,14 @@ import path from 'path'; | |||
| import http from 'http'; | |||
| import WebSocket from 'ws'; | |||
|
|
|||
| // Todo: Currently this needs to be done in order to interceptor in test to work. | |||
| // This shall be taken care of, as we shall be intercepting the native fetch as well. | |||
| // import fetch from 'node-fetch'; | |||
There was a problem hiding this comment.
@karliatto FYI, this is what we have been talking about
|
|
||
| return; | ||
|
|
||
| case 'INTERCEPTED_HEADERS': |
There was a problem hiding this comment.
Those events does not seem to be handled anywhere, despite being (potentially) emitted.
I am not sure if this switch is supposed to be actually exhaustive, but as those are not handled anywhere, else (and also not here originally).
peter-sanderson
force-pushed
the
request-filtering-in-main-process2
branch
from
a40a5be to
22d43d9
Compare
peter-sanderson
force-pushed
the
request-filtering-in-main-process2
branch
from
22d43d9 to
834759a
Compare
| @@ -73,6 +76,9 @@ export const interceptNetSocketConnect = (context: InterceptorContext) => { | |||
| details = typeof callback === 'string' ? `${callback}:${request}` : request.toString(); | |||
| } | |||
|
|
|||
| const hostname = details.split(':')[0]; | |||
There was a problem hiding this comment.
- Todo: This is sub-optimal and it wont probably work in all scenarios. Any ideas?
| return ''; | ||
| }; | ||
|
|
||
| const hostname = getHostname().split(':')[0] ?? ''; |
There was a problem hiding this comment.
- Todo: This is sub-optimal and it wont probably work in all scenarios. Any ideas?
There was a problem hiding this comment.
as we discussed the new URL(address).hostname - I just now realised you could create a helper that would do it optionally, something like:
optionalGetUrlHostname = (address: string) => {
try {
return new URL(address).hostname;
}
catch(_err) {
return null;
}
}
then use it like hostname = optionalGetUrlHostname(address) ?? ''
file:///... ➡️ '' ✔️
invalid URLs ➡️ null ➡️ '' ✔️
…ess of the electrum
peter-sanderson
force-pushed
the
request-filtering-in-main-process2
branch
from
834759a to
e66a922
Compare
| callback, | ||
| validateRequest, | ||
| }: OverloadHttpRequestParams) => { | ||
| const hostname = typeof url === 'object' ? url.hostname ?? url.host ?? '' : ''; |
There was a problem hiding this comment.
this means that for string url, hostname will always be '', which will always be false in isWhitelistedHost
| mainThreadEmitter.emit('module/request-interceptor', { | ||
| type: 'ADD_WHITELISTED_DOMAIN', | ||
| domain: urlObj.hostname ?? urlObj.host, | ||
| }); |
There was a problem hiding this comment.
If I understand correctly this effectively adds coinjoin coordinator URL to allowed domains?
| if (event.type === 'CIRCUIT_MISBEHAVING') { | ||
| mainThreadEmitter.emit('module/reset-tor-circuits', event); | ||
| default: { | ||
| const _exhaustiveCheck: never = event; // Poor-man's `switch-exhaustiveness-check` |
There was a problem hiding this comment.
why poor man's? This is absolutely fine 😄
Although typed record is better when mapping primitive values to cases, I would not use it to map functions. That would not read very well IMO.
| return; | ||
|
|
||
| case 'SET_WHITELISTED_DOMAINS_FOR_CUSTOM_BACKENDS': | ||
| mainThreadAllowedDomain.customBackends[event.coin] = event.domains; |
There was a problem hiding this comment.
there is no reverse action when resetting a custom backend to default, so it will probably persist as enabled until you restart app or set custom backend again for the same coin.
I'm not saying it's needed, just a note. I think it's OK.
|
|
||
| const urlObj = new URL(url); | ||
|
|
||
| return urlObj.hostname ?? urlObj.host; |
There was a problem hiding this comment.
FYI here you can see difference between hostname and host https://developer.mozilla.org/en-US/docs/Web/API/Location
I'd only use hostname (w/o port), so the condition is broader = more restrictive
Also, both are typed as string, so I expect the ?? to be useless, maybe you meant || ?
Resolve #7171
interceptor.test.tstestThe whitelist needs to be probably different from the one used in render process(no, consulted with Carlos)fetchfrom node.js as well and not just withnode-fetch=> this needs to be discussed with Carlos