test(mock-e2e): add private domains logic for the privacy report #27844

Merged 3 commits on Oct 16, 2024
41 changes: 41 additions & 0 deletions test/e2e/mock-e2e.js
Expand Up @@ -66,6 +66,18 @@ const emptyHtmlPage = () => `<!DOCTYPE html>
const browserAPIRequestDomains =
/^.*\.(googleapis\.com|google\.com|mozilla\.net|mozilla\.com|mozilla\.org|gvt1\.com)$/iu;

/**
* Some third-party providers might use random URLs that we don't want to track
* in the privacy report "in clear". We identify those private hosts with a
* `pattern` regexp and replace the original host by a more generic one (`host`).
* For example, "my-secret-host.provider.com" could be denoted as "*.provider.com" in
* the privacy report. This would prevent disclosing the "my-secret-host" subdomain
* in this case.
*/
const privateHostMatchers = [
// { pattern: RegExp, host: string }
];

/**
* @typedef {import('mockttp').Mockttp} Mockttp
* @typedef {import('mockttp').MockedEndpoint} MockedEndpoint
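Review bot: The doc comment on `privateHostMatchers` does not say how `pattern` must be written, and the array ships empty with only `// { pattern: RegExp, host: string }` as a shape hint. An unanchored pattern such as /provider\.com/ would also match unrelated hosts that merely contain that string and would report them under the generic label, which hides them from the privacy report. Please state in the comment that patterns must be anchored and have their dots escaped, the way `browserAPIRequestDomains` just above is written (`^...$`), and replace the inline shape hint with a JSDoc `@type {{ pattern: RegExp, host: string }[]}` so a malformed entry is caught by tooling.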
Expand Down Expand Up @@ -714,6 +726,25 @@ async function setupMocking(
const portfolioRequestsMatcher = (request) =>
request.headers.referer === 'https://portfolio.metamask.io/';

/**
* Tests a request against private domains and returns a set of generic hostnames that
* match.
*
* @param request
* @returns A set of matched results.
*/
const matchPrivateHosts = (request) => {
const privateHosts = new Set();

for (const { pattern, host: privateHost } of privateHostMatchers) {
if (request.headers.host.match(pattern)) {
privateHosts.add(privateHost);
}
}

return privateHosts;
};

/**
* Listen for requests and add the hostname to the privacy report if it did
* not previously exist. This is used to track which hosts are requested
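Review bot: In `matchPrivateHosts`, `request.headers.host.match(pattern)` dereferences the Host header without checking that it is present, so a request without one throws a TypeError inside the 'request-initiated' listener once `privateHostMatchers` has entries. Consider reading the header once before the loop and returning the empty set when it is undefined. The JSDoc is also incomplete: `@param request` has no type or description and `@returns` has no type; something like `@param {import('mockttp').Request} request` (type name to be confirmed against the mockttp typings) and `@returns {Set<string>}` would make the contract clear.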
Expand All @@ -723,6 +754,16 @@ async function setupMocking(
* operation. See the browserAPIRequestDomains regex above.
*/
server.on('request-initiated', (request) => {
const privateHosts = matchPrivateHosts(request);
if (privateHosts.size) {
for (const privateHost of privateHosts) {
privacyReport.add(privateHost);
}
// At this point, we know the request at least one private doamin, so we just stops here to avoid
// using the request any further.
return;
}

if (
request.headers.host.match(browserAPIRequestDomains) === null &&
!portfolioRequestsMatcher(request)
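Review bot: The early `return;` after the private-host loop skips the `browserAPIRequestDomains` and `portfolioRequestsMatcher` exclusions that follow, so a matcher whose pattern overlaps one of those excluded domains would add an entry to `privacyReport` that was previously filtered out. If private matchers are meant to take precedence, say so in the comment; otherwise run the exclusion check first. The comment itself needs fixing: "we know the request at least one private doamin, so we just stops here" is missing a verb and has typos, for example "we know the request matches at least one private domain, so we stop here". The outer `if (privateHosts.size)` could also be folded away by iterating the set and returning only when something was added, but that is a style point.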