authorFlorian Dold <florian.dold@gmail.com>2016-09-28 19:37:05 +0200
committerFlorian Dold <florian.dold@gmail.com>2016-09-28 19:37:05 +0200
commitde53505342d3ce479e3bcd03387f658fb8910922 (patch)
treeb0ca3607fda23c4b8665b9e48ced49d09de0d61d /lib
parent9e93109358e3e04b7c8711a94e72a7229e9a0164 (diff)
downloadwallet-core-de53505342d3ce479e3bcd03387f658fb8910922.tar.xz
break merchant redirect loops
Diffstat (limited to 'lib')
-rw-r--r--lib/wallet/wxMessaging.ts25
1 files changed, 22 insertions, 3 deletions
diff --git a/lib/wallet/wxMessaging.ts b/lib/wallet/wxMessaging.ts
index 9ad2c7f6f..be0e09de7 100644
--- a/lib/wallet/wxMessaging.ts
+++ b/lib/wallet/wxMessaging.ts
@@ -130,7 +130,19 @@ function makeHandlers(db: IDBDatabase,
}
return wallet.checkPay(offer);
},
- ["execute-payment"]: function(detail, sender) {
+ ["execute-payment"]: function(detail: any, sender: MessageSender) {
+ if (sender.tab && sender.tab.id) {
+ rateLimitCache[sender.tab.id]++;
+ if (rateLimitCache[sender.tab.id] > 10) {
+ console.warn("rate limit for execute payment exceeded");
+ let msg = {
+ error: "rate limit exceeded for execute-payment",
+ rateLimitExceeded: true,
+ hint: "Check for redirect loops",
+ };
+ return Promise.resolve(msg);
+ }
+ }
return wallet.executePayment(detail.H_contract);
},
["exchange-info"]: function(detail) {
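Review bot: The increment `rateLimitCache[sender.tab.id]++` in the execute-payment handler runs on a key that does not exist yet, so the first increment stores `NaN`, and `NaN > 10` is always false. As written the limit never triggers, so the redirect loop this commit targets is not interrupted. Initialise on first use, for example `rateLimitCache[sender.tab.id] = (rateLimitCache[sender.tab.id] || 0) + 1;`. The guard `sender.tab && sender.tab.id` also leaves requests without a tab, or with a tab id of 0, uncounted; `sender.tab.id !== undefined` would be more precise if such senders can occur. The handler map starts and ends outside this hunk.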
@@ -287,6 +299,13 @@ function handleHttpPayment(headerList: chrome.webRequest.HttpHeader[],
export let wallet: Wallet|undefined = undefined;
export let badge: ChromeBadge|undefined = undefined;
+// Rate limit cache for executePayment operations, to break redirect loops
+let rateLimitCache: {[n: number]: number} = {};
+
+function clearRateLimitCache() {
+ rateLimitCache = {};
+}
+
export function wxMain() {
chrome.browserAction.setBadgeText({text: ""});
badge = new ChromeBadge();
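Review bot: The comment on `rateLimitCache` does not say what the map's keys and values are or when entries expire, which a reader needs in order to reason about the limit. I would write `// Number of execute-payment requests seen per tab id since the last reset; the whole map is cleared by clearRateLimitCache()`. The index signature `{[n: number]: number}` also types a missing key as `number` although it is `undefined` at runtime, so the declaration deserves a one-line remark that entries must be initialised before they are incremented.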
@@ -306,6 +325,8 @@ export function wxMain() {
}
});
+ chrome.extension.getBackgroundPage().setInterval(clearRateLimitCache, 5000);
+
Promise.resolve()
.then(() => {
return openTalerDb();
@@ -349,8 +370,6 @@ export function wxMain() {
details.url,
details.tabId);
}, {urls: ["<all_urls>"]}, ["responseHeaders", "blocking"]);
-
-
})
.catch((e) => {
console.error("could not initialize wallet messaging");