Merge branch 'en-domain_path_blacklist'

* en-domain_path_blacklist:
  Added logic to detect URL change onclick for sites like YouTube
  Version bump
  Added sanity check
  Removed debug
  Changed default rpc provider. Added logic to blacklist/block from a malicious domain with path

js/DomainBlacklist.js

@@ -1,14 +1,27 @@
 (function() {
     let objBrowser = chrome ? chrome : browser;
 
-    //Get the blacklist domains option for the user
-    objBrowser.runtime.sendMessage({func: "blacklist_domains"}, function(objResponse) {
-        if(objResponse && objResponse.hasOwnProperty("resp")) {
-            if(objResponse.resp == 1) {
-                blacklistedDomainCheck();
+    let strInitHref = window.location.href;
+
+    function init(){
+        //Get the blacklist domains option for the user
+        objBrowser.runtime.sendMessage({func: "blacklist_domains"}, function(objResponse) {
+            if(objResponse && objResponse.hasOwnProperty("resp")) {
+                if(objResponse.resp == 1) {
+                    blacklistedDomainCheck();
+                }
             }
+        });
+    }
+
+    init();
+
+    window.onclick = function(e) {
+        if(strInitHref !== window.location.href) {
+            strInitHref = window.location.href;
+            init();
         }
-    });
+    }
 
     //Detects if the current tab is in the blacklisted domains file
     function blacklistedDomainCheck() {
@@ -112,6 +125,28 @@
 
                 return false;
             }
+
+            // Now check the full path (ie: YouTube because of fake livestreams and telegra.ph)
+            objBrowser.runtime.sendMessage({func: "blacklist_uri_list"}, function (objResponse) {
+                if (objResponse && objResponse.hasOwnProperty("resp")) {
+                    let uris = JSON.parse(objResponse.resp)
+                    let windowLoc = window.location.href.replace(/^https?\:\/\/|www\./g,''); 
+                    uris.domains.forEach(f => {
+                        let r = new RegExp(`^(${f.replace(/[.*+?^${}()|[\]\\\/]/g, '\\$&')})`, 'g');
+
+                        if(f === windowLoc || (r.exec(windowLoc) !== null)) {
+                            console.warn(`${windowLoc} webpage is blacklisted by EAL - Blacklisted`);
+                            window.location.href = chrome.runtime.getURL('/static/phishing/phishing.html#'+ btoa(window.location.href) +'#uri');
+
+                            objBrowser.runtime.sendMessage({func: "change_ext_icon", "icon": "blacklisted", "type": "blacklisted"}, function(objResponse) {
+                                // Icon should be a different colour now.
+                            });
+
+                            return false;
+                        }
+                    })
+                }
+            });
         }
 
         //Now do the 3rd party domain list check if they have that option enabled.

js/options.js

@@ -113,6 +113,10 @@ objBrowser.runtime.onMessage.addListener(
                 console.log("Getting 3p blacklisted domain list");
                 strResponse = getBlacklistedDomains("3p");
                 break;
+            case 'blacklist_uri_list' :
+                console.log("Getting the blacklist uri list");
+                strResponse = getBlacklistedDomains("uri");
+                break;
             case 'use_3rd_party_blacklists' :
                 //This option is enabled by default
                 if(localStorage.getItem("ext-etheraddresslookup-use_3rd_party_blacklist") === null) {
@@ -147,13 +151,13 @@ objBrowser.runtime.onMessage.addListener(
                 break;
             case 'rpc_provider' :
                     if(localStorage.getItem("ext-etheraddresslookup-rpc_node") === null) {
-                        strResponse = "https://freely-central-lark.quiknode.io/9fe4c4a0-2ea2-4ac1-ab64-f92990cd2914/118-xxADc8hKSSB9joCb-g==/";
+                        strResponse = "https://mainnet.infura.io/v3/02b145caa61b49998168f2b97d4ef323";
                     } else {
                         strResponse = localStorage.getItem("ext-etheraddresslookup-rpc_node");
                     }
                 break;
             case 'rpc_default_provider' :
-                strResponse = "https://freely-central-lark.quiknode.io/9fe4c4a0-2ea2-4ac1-ab64-f92990cd2914/118-xxADc8hKSSB9joCb-g==/";
+                strResponse = "https://mainnet.infura.io/v3/02b145caa61b49998168f2b97d4ef323";
                 break;
             case 'perform_address_lookups' :
                 //This option is enabled by default
@@ -349,6 +353,13 @@ function getBlacklistedDomains(strType)
             "repo": "http://api.infura.io/v1/blacklist",
             "identifer": "eal"
         },
+        "uri": {
+            "timestamp": 0,
+            "domains": [],
+            "format": "plain",
+            "repo": "https://raw.githubusercontent.com/409H/EtherAddressLookup/master/blacklists/uri.json",
+            "identifer": "uri"
+        },
         "third_party": {
             "phishfort": {
                 "timestamp": 0,
@@ -380,8 +391,13 @@ function getBlacklistedDomains(strType)
     }
 
     strType = strType || "eal";
+    if(strType === "eal") {
+        strType = "";
+    } else {
+        strType = `${strType}_`;
+    }
 
-    return localStorage.getItem(`ext-etheraddresslookup-${strType === 'eal' ? '' : '3p_'}blacklist_domains_list`);
+    return localStorage.getItem(`ext-etheraddresslookup-${strType}blacklist_domains_list`);
 }
 
 function updateAllBlacklists(objEalBlacklistedDomains)
@@ -393,6 +409,13 @@ function updateAllBlacklists(objEalBlacklistedDomains)
         localStorage.setItem("ext-etheraddresslookup-blacklist_domains_list", JSON.stringify(objEalBlacklistedDomains.eal));
     });
 
+    getBlacklistedDomainsFromSource(objEalBlacklistedDomains.uri).then(function (arrDomains) {
+        objEalBlacklistedDomains.uri.timestamp = Math.floor(Date.now() / 1000);
+        objEalBlacklistedDomains.uri.domains = arrDomains.filter((v,i,a)=>a.indexOf(v)==i);
+
+        localStorage.setItem("ext-etheraddresslookup-uri_blacklist_domains_list", JSON.stringify(objEalBlacklistedDomains.uri));
+    });
+
     if( [null, 1].indexOf(localStorage.getItem("ext-etheraddresslookup-use_3rd_party_blacklist")) >= 0) {
         getBlacklistedDomainsFromSource(objEalBlacklistedDomains.third_party.phishfort).then(function (arrDomains) {
 

manifest.json

@@ -4,7 +4,7 @@
   "name": "EtherAddressLookup",
   "short_name": "EtherAddressLookup",
   "description": "Adds links to strings that look like Ethereum addresses to your favorite blockchain explorer + antiphishing measures.",
-  "version": "1.22",
+  "version": "1.23",
 
   "browser_action": {
     "default_icon": "images/ether-128x128.png",

static/phishing/phishing-notices.js

@@ -1,5 +1,6 @@
 //Show the user why it's blocked
 var b = window.location.href.split("#");
+
 console.log("Domain is blacklisted because: "+(b[b.length-1].toLowerCase()));
 switch(b[b.length-1].toLowerCase()) {
     case 'punycode':
@@ -22,12 +23,20 @@ switch(b[b.length-1].toLowerCase()) {
     case 'blacklisted':
         document.getElementById("blacklisted").style.display = 'block'
     break;
+    case 'uri':
+        document.getElementById("uri").style.display = 'block'
+    break;
     default:
         // No default action.
     break;
 } 
 
 //Populate the link to EtherScamDB
-let cleandomain = encodeURI(b[1].replace(/https?\:?\/?\/?w{0,3}\.?/,"").replace(/\/$/,""));
-document.getElementById("link-etherscamdb").href = "https://etherscamdb.info/domain/"+cleandomain;
-document.getElementById("link-etherscamdb").textContent = "https://etherscamdb.info/domain/"+cleandomain;
+if(b[b.length-1].toLowerCase() !== "uri") {
+    if(document.getElementById("esdb-link")) {
+        document.getElementById("esdb-link").style.display = "block";
+    }
+    let cleandomain = encodeURI(b[1].replace(/https?\:?\/?\/?w{0,3}\.?/,"").replace(/\/$/,""));
+    document.getElementById("link-etherscamdb").href = "https://etherscamdb.info/domain/"+cleandomain;
+    document.getElementById("link-etherscamdb").textContent = "https://etherscamdb.info/domain/"+cleandomain;
+}

static/phishing/phishing.html

@@ -73,6 +73,10 @@
         #blacklisted {
             border-left: 4px solid #D49990;
         }
+
+        #uri {
+            border-left: 4px solid #f0ef0e;
+        }
     </style>
   </head>
   <body>
@@ -92,15 +96,19 @@ <h1>
                     <p>This domain is blocked because it is too similar to a domain in our fuzzy list.<br />
                     If you  want to access this domain and you're sure it's safe, please <a href="https://github.com/409H/EtherAddressLookup/wiki/Blacklisted-Domains#levenshtien-domains" target="_blank">disable the behaviour</a> in the EtherAddressLookup settings.</p>
                 </div>
+                <div id="uri" class="notice hide-me">
+                    <p>This webpage is blocked because it is on our blacklist.<br />
+                    If you  want to access this domain and you're sure it's safe, please <a href="https://github.com/409H/EtherAddressLookup/wiki/Blacklisted-Domains#blacklisted-domains" target="_blank">disable the behaviour</a> in the EtherAddressLookup settings.</p>
+                </div>                
                 <div id="blacklisted" class="notice hide-me">
                     <p>This domain is blocked because it is on our blacklist.<br />
                     If you  want to access this domain and you're sure it's safe, please <a href="https://github.com/409H/EtherAddressLookup/wiki/Blacklisted-Domains#blacklisted-domains" target="_blank">disable the behaviour</a> in the EtherAddressLookup settings.</p>
-                </div>            
+                </div>
                 <p>This is because you have enabled <span>Warn of blacklisted domains</span> setting on <img src="../../images/ether-16x16.png"  alt="EtherAddressLookup Icon" />EtherAddressLookup Browser Extension.</p>
                 <p>You can turn this setting off, but it's advised not to as we blacklisted the domain for a reason.</p>
                 <br />
                 <p>If you feel this domain is wrongly blacklisted, please <a href="https://github.com/409H/EtherAddressLookup/issues/new">open a new issue on GitHub</a></p>
-                <p><strong>To read more about this, visit <a id="link-etherscamdb" href="">https://etherscamdb.info/domain/</a></strong></p>
+                <p id="esdb-link" class="hide-me"><strong>To read more about this, visit <a id="link-etherscamdb" href="">https://etherscamdb.info/domain/</a></strong></p>
             </div>
             <div id="gif-container" class="hide-me">
                 <div id="punycode_turnoff" class="hide-me">
@@ -119,6 +127,16 @@ <h3>Helpful Tips:</h3>
                     <li><strong>Try seeking out a trustworthy, secure link on your own.</strong> Top Google results (not 
                         Google Ads!), Verified Twitter accounts, or asking someone you know & trust. Once you find the 
                         correct URL, bookmark it!</li>
+                    <li><strong>Nobody is giving away free money.</strong> Scammers are trying to impersonate official looking channels
+                        to convince you to perform a trust trading scam (by sending them money in return for more money sent back). This
+                        is a common scam that we have written about it numerous times:
+                        <ul>
+                            <li><a href="https://medium.com/mycrypto/crypto-trust-trading-scams-are-running-rampant-on-youtube-9f575210879b" target="_blank">Crypto Trust-Trading Scams Are Running Rampant On YouTube</a></li>
+                            <li><a href="https://medium.com/mycrypto/country-click-through-rates-for-bitly-scams-dbafdfd48b04" target="_blank">Nigeria, Indonesia, the US, and Vietnam are among the highest victim rates for crypto scams</a></li>
+                            <li><a href="https://medium.com/mycrypto/research-into-trust-trading-scams-on-twitter-ba6309d87a18" target="_blank">Research into Trust-Trading Scams on Twitter</a></li>
+                            <li><a href="https://medium.com/mycrypto/the-trust-trading-scam-kit-98aaf18270a7" target="_blank">The Trust-Trading Scam Kit</a></li>
+                        </ul>
+                    </li>                         
                 </ul>
             </p>
         </div>