From de53505342d3ce479e3bcd03387f658fb8910922 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Wed, 28 Sep 2016 19:37:05 +0200 Subject: break merchant redirect loops --- lib/wallet/wxMessaging.ts | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) (limited to 'lib/wallet') diff --git a/lib/wallet/wxMessaging.ts b/lib/wallet/wxMessaging.ts index 9ad2c7f6f..be0e09de7 100644 --- a/lib/wallet/wxMessaging.ts +++ b/lib/wallet/wxMessaging.ts @@ -130,7 +130,19 @@ function makeHandlers(db: IDBDatabase, } return wallet.checkPay(offer); }, - ["execute-payment"]: function(detail, sender) { + ["execute-payment"]: function(detail: any, sender: MessageSender) { + if (sender.tab && sender.tab.id) { + rateLimitCache[sender.tab.id]++; + if (rateLimitCache[sender.tab.id] > 10) { + console.warn("rate limit for execute payment exceeded"); + let msg = { + error: "rate limit exceeded for execute-payment", + rateLimitExceeded: true, + hint: "Check for redirect loops", + }; + return Promise.resolve(msg); + } + } return wallet.executePayment(detail.H_contract); }, ["exchange-info"]: function(detail) { @@ -287,6 +299,13 @@ function handleHttpPayment(headerList: chrome.webRequest.HttpHeader[], export let wallet: Wallet|undefined = undefined; export let badge: ChromeBadge|undefined = undefined; +// Rate limit cache for executePayment operations, to break redirect loops +let rateLimitCache: {[n: number]: number} = {}; + +function clearRateLimitCache() { + rateLimitCache = {}; +} + export function wxMain() { chrome.browserAction.setBadgeText({text: ""}); badge = new ChromeBadge(); @@ -306,6 +325,8 @@ export function wxMain() { } }); + chrome.extension.getBackgroundPage().setInterval(clearRateLimitCache, 5000); + Promise.resolve() .then(() => { return openTalerDb(); @@ -349,8 +370,6 @@ export function wxMain() { details.url, details.tabId); }, {urls: [""]}, ["responseHeaders", "blocking"]); - - }) .catch((e) => { console.error("could not initialize wallet messaging"); -- cgit v1.2.3