Skip to content

Commit 92f9962

Browse files
FrederikBoldingFrederikBolding
authored
fix: Validate origin in handleRequest (#3292)
We were using empty origins in a lot of places instead of specifying `metamask` for internal requests. This PR disallows doing that so we can be clear about where requests are coming from. `origin` must now be either a valid URL or `metamask`.
1 parent 1760a18 commit 92f9962

File tree

14 files changed

+148
-142
lines changed

14 files changed

+148
-142
lines changed

packages/snaps-controllers/coverage.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
{
2-
"branches": 93.36,
2+
"branches": 93.38,
33
"functions": 97.38,
44
"lines": 98.34,
55
"statements": 98.07

packages/snaps-controllers/src/cronjob/CronjobController.test.ts

Lines changed: 19 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ describe('CronjobController', () => {
4848
'SnapController:handleRequest',
4949
{
5050
snapId: MOCK_SNAP_ID,
51-
origin: '',
51+
origin: 'metamask',
5252
handler: HandlerType.OnCronjob,
5353
request: {
5454
method: 'exampleMethodOne',
@@ -79,7 +79,7 @@ describe('CronjobController', () => {
7979
'SnapController:handleRequest',
8080
{
8181
snapId: MOCK_SNAP_ID,
82-
origin: '',
82+
origin: 'metamask',
8383
handler: HandlerType.OnCronjob,
8484
request: {
8585
method: 'exampleMethodOne',
@@ -126,7 +126,7 @@ describe('CronjobController', () => {
126126
'SnapController:handleRequest',
127127
{
128128
snapId: MOCK_SNAP_ID,
129-
origin: '',
129+
origin: 'metamask',
130130
handler: HandlerType.OnCronjob,
131131
request: {
132132
method: 'exampleMethod',
@@ -177,7 +177,7 @@ describe('CronjobController', () => {
177177
'SnapController:handleRequest',
178178
{
179179
snapId: MOCK_SNAP_ID,
180-
origin: '',
180+
origin: 'metamask',
181181
handler: HandlerType.OnCronjob,
182182
request: {
183183
method: 'exampleMethod',
@@ -232,7 +232,7 @@ describe('CronjobController', () => {
232232
'SnapController:handleRequest',
233233
{
234234
snapId: MOCK_SNAP_ID,
235-
origin: '',
235+
origin: 'metamask',
236236
handler: HandlerType.OnCronjob,
237237
request: {
238238
method: 'exampleMethod',
@@ -274,7 +274,7 @@ describe('CronjobController', () => {
274274
'SnapController:handleRequest',
275275
{
276276
snapId: MOCK_SNAP_ID,
277-
origin: '',
277+
origin: 'metamask',
278278
handler: HandlerType.OnCronjob,
279279
request: {
280280
method: 'handleEvent',
@@ -347,7 +347,7 @@ describe('CronjobController', () => {
347347
'SnapController:handleRequest',
348348
{
349349
snapId: MOCK_SNAP_ID,
350-
origin: '',
350+
origin: 'metamask',
351351
handler: HandlerType.OnCronjob,
352352
request: {
353353
method: 'handleEvent',
@@ -459,7 +459,7 @@ describe('CronjobController', () => {
459459
'SnapController:handleRequest',
460460
{
461461
snapId: MOCK_SNAP_ID,
462-
origin: '',
462+
origin: 'metamask',
463463
handler: HandlerType.OnCronjob,
464464
request: {
465465
method: 'handleEvent',
@@ -503,7 +503,7 @@ describe('CronjobController', () => {
503503
'SnapController:handleRequest',
504504
{
505505
snapId: MOCK_SNAP_ID,
506-
origin: '',
506+
origin: 'metamask',
507507
handler: HandlerType.OnCronjob,
508508
request: {
509509
method: 'exampleMethodOne',
@@ -579,7 +579,7 @@ describe('CronjobController', () => {
579579
'SnapController:handleRequest',
580580
{
581581
snapId: MOCK_SNAP_ID,
582-
origin: '',
582+
origin: 'metamask',
583583
handler: HandlerType.OnCronjob,
584584
request: {
585585
method: 'exampleMethodOne',
@@ -592,7 +592,7 @@ describe('CronjobController', () => {
592592
'SnapController:handleRequest',
593593
{
594594
snapId: MOCK_SNAP_ID,
595-
origin: '',
595+
origin: 'metamask',
596596
handler: HandlerType.OnCronjob,
597597
request: {
598598
method: 'handleEvent',
@@ -644,7 +644,7 @@ describe('CronjobController', () => {
644644
'SnapController:handleRequest',
645645
{
646646
snapId: MOCK_SNAP_ID,
647-
origin: '',
647+
origin: 'metamask',
648648
handler: HandlerType.OnCronjob,
649649
request: {
650650
method: 'exampleMethodOne',
@@ -659,7 +659,7 @@ describe('CronjobController', () => {
659659
'SnapController:handleRequest',
660660
{
661661
snapId: MOCK_SNAP_ID,
662-
origin: '',
662+
origin: 'metamask',
663663
handler: HandlerType.OnCronjob,
664664
request: {
665665
method: 'handleEvent',
@@ -713,7 +713,7 @@ describe('CronjobController', () => {
713713
'SnapController:handleRequest',
714714
{
715715
snapId: MOCK_SNAP_ID,
716-
origin: '',
716+
origin: 'metamask',
717717
handler: HandlerType.OnCronjob,
718718
request: {
719719
method: 'exampleMethodOne',
@@ -728,7 +728,7 @@ describe('CronjobController', () => {
728728
'SnapController:handleRequest',
729729
{
730730
snapId: MOCK_SNAP_ID,
731-
origin: '',
731+
origin: 'metamask',
732732
handler: HandlerType.OnCronjob,
733733
request: {
734734
method: 'handleEvent',
@@ -807,7 +807,7 @@ describe('CronjobController', () => {
807807
'SnapController:handleRequest',
808808
{
809809
snapId: MOCK_SNAP_ID,
810-
origin: '',
810+
origin: 'metamask',
811811
handler: HandlerType.OnCronjob,
812812
request: {
813813
method: 'exampleMethodOne',
@@ -821,7 +821,7 @@ describe('CronjobController', () => {
821821
'SnapController:handleRequest',
822822
{
823823
snapId: MOCK_SNAP_ID,
824-
origin: '',
824+
origin: 'metamask',
825825
handler: HandlerType.OnCronjob,
826826
request: {
827827
method: 'handleEvent',
@@ -857,7 +857,7 @@ describe('CronjobController', () => {
857857
'SnapController:handleRequest',
858858
{
859859
snapId: MOCK_SNAP_ID,
860-
origin: '',
860+
origin: 'metamask',
861861
handler: HandlerType.OnCronjob,
862862
request: {
863863
method: 'exampleMethodOne',
@@ -911,7 +911,7 @@ describe('CronjobController', () => {
911911
'SnapController:handleRequest',
912912
{
913913
snapId: MOCK_SNAP_ID,
914-
origin: '',
914+
origin: 'metamask',
915915
handler: HandlerType.OnCronjob,
916916
request: {
917917
method: 'handleExport',

packages/snaps-controllers/src/cronjob/CronjobController.ts

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -301,7 +301,7 @@ export class CronjobController extends BaseController<
301301
this.#updateJobLastRunState(job.id, Date.now());
302302
await this.messagingSystem.call('SnapController:handleRequest', {
303303
snapId: job.snapId,
304-
origin: '',
304+
origin: 'metamask',
305305
handler: HandlerType.OnCronjob,
306306
request: job.request,
307307
});
@@ -386,7 +386,7 @@ export class CronjobController extends BaseController<
386386
this.messagingSystem
387387
.call('SnapController:handleRequest', {
388388
snapId: event.snapId,
389-
origin: '',
389+
origin: 'metamask',
390390
handler: HandlerType.OnCronjob,
391391
request: event.request,
392392
})

packages/snaps-controllers/src/insights/SnapInsightsController.test.ts

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -91,7 +91,7 @@ describe('SnapInsightsController', () => {
9191
'SnapController:handleRequest',
9292
{
9393
snapId: MOCK_SNAP_ID,
94-
origin: '',
94+
origin: 'metamask',
9595
handler: HandlerType.OnTransaction,
9696
request: {
9797
method: '',
@@ -108,7 +108,7 @@ describe('SnapInsightsController', () => {
108108
'SnapController:handleRequest',
109109
{
110110
snapId: MOCK_LOCAL_SNAP_ID,
111-
origin: '',
111+
origin: 'metamask',
112112
handler: HandlerType.OnTransaction,
113113
request: {
114114
method: '',
@@ -216,7 +216,7 @@ describe('SnapInsightsController', () => {
216216
'SnapController:handleRequest',
217217
{
218218
snapId: MOCK_SNAP_ID,
219-
origin: '',
219+
origin: 'metamask',
220220
handler: HandlerType.OnSignature,
221221
request: {
222222
method: '',
@@ -237,7 +237,7 @@ describe('SnapInsightsController', () => {
237237
'SnapController:handleRequest',
238238
{
239239
snapId: MOCK_LOCAL_SNAP_ID,
240-
origin: '',
240+
origin: 'metamask',
241241
handler: HandlerType.OnSignature,
242242
request: {
243243
method: '',
@@ -341,7 +341,7 @@ describe('SnapInsightsController', () => {
341341
'SnapController:handleRequest',
342342
{
343343
snapId: MOCK_SNAP_ID,
344-
origin: '',
344+
origin: 'metamask',
345345
handler: HandlerType.OnSignature,
346346
request: {
347347
method: '',
@@ -361,7 +361,7 @@ describe('SnapInsightsController', () => {
361361
'SnapController:handleRequest',
362362
{
363363
snapId: MOCK_LOCAL_SNAP_ID,
364-
origin: '',
364+
origin: 'metamask',
365365
handler: HandlerType.OnSignature,
366366
request: {
367367
method: '',
@@ -515,7 +515,7 @@ describe('SnapInsightsController', () => {
515515
'SnapController:handleRequest',
516516
{
517517
snapId: MOCK_SNAP_ID,
518-
origin: '',
518+
origin: 'metamask',
519519
handler: HandlerType.OnTransaction,
520520
request: {
521521
method: '',
@@ -532,7 +532,7 @@ describe('SnapInsightsController', () => {
532532
'SnapController:handleRequest',
533533
{
534534
snapId: MOCK_LOCAL_SNAP_ID,
535-
origin: '',
535+
origin: 'metamask',
536536
handler: HandlerType.OnTransaction,
537537
request: {
538538
method: '',
@@ -613,7 +613,7 @@ describe('SnapInsightsController', () => {
613613
'SnapController:handleRequest',
614614
{
615615
snapId: MOCK_SNAP_ID,
616-
origin: '',
616+
origin: 'metamask',
617617
handler: HandlerType.OnSignature,
618618
request: {
619619
method: '',
@@ -633,7 +633,7 @@ describe('SnapInsightsController', () => {
633633
'SnapController:handleRequest',
634634
{
635635
snapId: MOCK_LOCAL_SNAP_ID,
636-
origin: '',
636+
origin: 'metamask',
637637
handler: HandlerType.OnSignature,
638638
request: {
639639
method: '',

packages/snaps-controllers/src/insights/SnapInsightsController.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -361,7 +361,7 @@ export class SnapInsightsController extends BaseController<
361361
}) {
362362
return this.messagingSystem.call('SnapController:handleRequest', {
363363
snapId,
364-
origin: '',
364+
origin: 'metamask',
365365
handler,
366366
request: {
367367
method: '',

0 commit comments

Comments
 (0)