Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: events improvements #2630

Merged
merged 2 commits into from
Aug 5, 2023
Merged

fix: events improvements #2630

merged 2 commits into from
Aug 5, 2023

Conversation

pavanjoshi914
Copy link
Contributor

Describe the changes you have made in this PR

remove enable from emit function which causes unnecessary dialogue open post message only for webln enabled pages, so that malicious pages doesn't listen to such events this also results in emitting the event only when we are on webln enabled page

Type of change

  • fix: Bug fix (non-breaking change which fixes an issue)

Checklist

  • Self-review of changed code
  • Manual testing
  • Added automated tests where applicable
  • Update Docs & Guides
  • For UI-related changes
  • Darkmode
  • Responsive layout

@pavanjoshi914
fix: events improvements
89e9494 
remove enable from emit function which causes unnecessary dialogue open
post message only for webln enabled pages, so that malicious pages doesn't listen to such events
this also results in emitting the event only when we are on webln enabled page
signed-off-by: pavan joshi <[email protected]>
@pavanjoshi914 pavanjoshi914 requested a review from bumi August 3, 2023 18:17
@bumi
Copy link
Collaborator

bumi commented Aug 3, 2023

I think the event should be published for all the enabled tabs.
and not only the currently active one as selected here

//cc @rolznz what do you think?

rolznz
rolznz reviewed Aug 4, 2023
View reviewed changes
src/extension/content-script/onendwebln.js
@@ -41,7 +40,7 @@ async function init() {
extractLightningData();
}
// forward account changed messaged to inpage script
else if (request.action === "accountChanged") {
else if (request.action === "accountChanged" && isEnabled) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The line below, can we replace "*"? we only want the inpage script to receive the message so it can emit the event for any listeners. Currently all frames on the website are receiving it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we can use window.location.origin here. which returns domain without any routes/ query parameters

@rolznz
Copy link
Contributor

rolznz commented Aug 4, 2023

I think the event should be published for all the enabled tabs. and not only the currently active one as selected here

//cc @rolznz what do you think?

@pavanjoshi914 please could you make this change too?

@pavanjoshi914
feat: send messages to all the tabs including inactive ones
b6beda0 
send messaged only to the target origin
signed-off-by: pavan joshi <[email protected]>
@pavanjoshi914
Copy link
Contributor Author

I think the event should be published for all the enabled tabs. and not only the currently active one as selected here
//cc @rolznz what do you think?

@pavanjoshi914 please could you make this change too?

made those changes.

@bumi bumi merged commit 2930312 into master Aug 5, 2023
5 of 6 checks passed
@bumi bumi deleted the events-improvements branch August 5, 2023 11:19
@pavanjoshi914 pavanjoshi914 restored the events-improvements branch September 11, 2023 08:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rolznz rolznz rolznz left review comments

@bumi bumi Awaiting requested review from bumi

Assignees
No one assigned
Labels
None yet
Projects
🐝 Alby
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@pavanjoshi914 @bumi @rolznz