[BUG] https check sign blob (#1074) (#1075)

* uses full url to check for https on sign blob interaction * Added translations * remves file accidentally added by transalations hook Co-authored-by: aristides <aristides.staffieri@stellar.org>
stellar · Jan 10, 2024 · cab4ff1 · cab4ff1
1 parent a13083b
commit cab4ff1
Show file tree

Hide file tree

Showing 15 changed files with 766 additions and 47 deletions.
diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml
@@ -0,0 +1,27 @@
+name: Playwright Tests
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+jobs:
+  test:
+    timeout-minutes: 60
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+      - name: Install dependencies
+        run: npm install -g yarn && yarn
+      - name: Install Playwright Browsers
+        run: yarn playwright install --with-deps
+      - name: Run Playwright tests
+        run: yarn playwright test
+      - uses: actions/upload-artifact@v3
+        if: always()
+        with:
+          name: playwright-report
+          path: playwright-report/
+          retention-days: 30
diff --git a/extension/.env b/extension/.env
@@ -0,0 +1 @@
+INDEXER_URL=http://localhost:3002/api/v1
diff --git a/extension/.gitignore b/extension/.gitignore
@@ -0,0 +1,9 @@
+node_modules/
+/test-results/
+/playwright-report/
+/blob-report/
+/playwright/.cache/
+/test-results/
+/playwright-report/
+/blob-report/
+/playwright/.cache/
diff --git a/extension/package.json b/extension/package.json
@@ -11,7 +11,8 @@
     "build:translations": "yarn build --env TRANSLATIONS=true",
     "start": "webpack-dev-server --config webpack.dev.js",
     "start:experimental": "yarn start --env EXPERIMENTAL=true",
-    "start:unpacked-extension": "yarn build --watch"
+    "start:unpacked-extension": "yarn build --watch",
+    "test-ct": "playwright test -c playwright-ct.config.ts"
   },
   "dependencies": {
     "@ledgerhq/hw-app-str": "^6.27.1",
@@ -84,6 +85,8 @@
   },
   "devDependencies": {
     "@lavamoat/allow-scripts": "^2.3.1",
+    "@playwright/experimental-ct-react17": "^1.40.1",
+    "@playwright/test": "^1.40.1",
     "@types/semver": "^7.5.2",
     "https-browserify": "^1.0.0",
     "os-browserify": "^0.3.0",

diff --git a/extension/playwright-ct.config.ts b/extension/playwright-ct.config.ts
@@ -0,0 +1,46 @@
+import { defineConfig, devices } from "@playwright/experimental-ct-react17";
+
+/**
+ * See https://playwright.dev/docs/test-configuration.
+ */
+export default defineConfig({
+  testDir: "./",
+  /* The base directory, relative to the config file, for snapshot files created with toMatchSnapshot and toHaveScreenshot. */
+  snapshotDir: "./__snapshots__",
+  /* Maximum time one test can run for. */
+  timeout: 10 * 1000,
+  /* Run tests in files in parallel */
+  fullyParallel: true,
+  /* Fail the build on CI if you accidentally left test.only in the source code. */
+  forbidOnly: !!process.env.CI,
+  /* Retry on CI only */
+  retries: process.env.CI ? 2 : 0,
+  /* Opt out of parallel tests on CI. */
+  workers: process.env.CI ? 1 : undefined,
+  /* Reporter to use. See https://playwright.dev/docs/test-reporters */
+  reporter: "html",
+  /* Shared settings for all the projects below. See https://playwright.dev/docs/api/class-testoptions. */
+  use: {
+    /* Collect trace when retrying the failed test. See https://playwright.dev/docs/trace-viewer */
+    trace: "on-first-retry",
+
+    /* Port to use for Playwright component endpoint. */
+    ctPort: 3100,
+  },
+
+  /* Configure projects for major browsers */
+  projects: [
+    {
+      name: "chromium",
+      use: { ...devices["Desktop Chrome"] },
+    },
+    {
+      name: "firefox",
+      use: { ...devices["Desktop Firefox"] },
+    },
+    {
+      name: "webkit",
+      use: { ...devices["Desktop Safari"] },
+    },
+  ],
+});
diff --git a/extension/playwright.config.ts b/extension/playwright.config.ts
@@ -0,0 +1,72 @@
+import { defineConfig, devices } from "@playwright/test";
+
+/**
+ * Read environment variables from file.
+ * https://github.com/motdotla/dotenv
+ */
+// require('dotenv').config();
+
+/**
+ * See https://playwright.dev/docs/test-configuration.
+ */
+export default defineConfig({
+  testDir: "./tests",
+  /* Run tests in files in parallel */
+  fullyParallel: true,
+  /* Fail the build on CI if you accidentally left test.only in the source code. */
+  forbidOnly: !!process.env.CI,
+  /* Retry on CI only */
+  retries: process.env.CI ? 2 : 0,
+  /* Opt out of parallel tests on CI. */
+  workers: process.env.CI ? 1 : undefined,
+  /* Reporter to use. See https://playwright.dev/docs/test-reporters */
+  reporter: "list",
+  /* Shared settings for all the projects below. See https://playwright.dev/docs/api/class-testoptions. */
+  use: {
+    /* Base URL to use in actions like `await page.goto('/')`. */
+    // baseURL: 'http://127.0.0.1:3000',
+
+    /* Collect trace when retrying the failed test. See https://playwright.dev/docs/trace-viewer */
+    trace: "on-first-retry",
+  },
+
+  /* Configure projects for major browsers */
+  projects: [
+    {
+      name: "chromium",
+      use: { ...devices["Desktop Chrome"] },
+    },
+
+    // {
+    //   name: 'firefox',
+    //   use: { ...devices['Desktop Firefox'] },
+    // },
+
+    /* Test against mobile viewports. */
+    // {
+    //   name: 'Mobile Chrome',
+    //   use: { ...devices['Pixel 5'] },
+    // },
+    // {
+    //   name: 'Mobile Safari',
+    //   use: { ...devices['iPhone 12'] },
+    // },
+
+    /* Test against branded browsers. */
+    // {
+    //   name: 'Microsoft Edge',
+    //   use: { ...devices['Desktop Edge'], channel: 'msedge' },
+    // },
+    // {
+    //   name: 'Google Chrome',
+    //   use: { ...devices['Desktop Chrome'], channel: 'chrome' },
+    // },
+  ],
+
+  /* Run your local dev server before starting the tests */
+  // webServer: {
+  //   command: 'npm run start',
+  //   url: 'http://127.0.0.1:3000',
+  //   reuseExistingServer: !process.env.CI,
+  // },
+});
diff --git a/extension/playwright/index.html b/extension/playwright/index.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Testing Page</title>
+  </head>
+  <body>
+    <div id="root"></div>
+    <script type="module" src="./index.tsx"></script>
+  </body>
+</html>
diff --git a/extension/playwright/index.tsx b/extension/playwright/index.tsx
@@ -0,0 +1,2 @@
+// Import styles, initialize component theme here.
+// import '../src/common.css';
diff --git a/extension/src/popup/components/mnemonicPhrase/MnemonicDisplay/index.tsx b/extension/src/popup/components/mnemonicPhrase/MnemonicDisplay/index.tsx
@@ -35,13 +35,13 @@ export const generateMnemonicPhraseDisplay = ({
             </span>
 
             <span>
-              <strong>{word}</strong>
+              <strong data-testid="word">{word}</strong>
             </span>
           </>
         ) : (
           <>
             <span>
-              <strong>{word}</strong>
+              <strong data-testid="word">{word}</strong>
             </span>
             <span className="MnemonicDisplay__random-word">
               <strong>{randomWord}</strong>

diff --git a/extension/src/popup/locales/en/translation.json b/extension/src/popup/locales/en/translation.json
@@ -421,6 +421,9 @@
   "The website <1>{{domain}}</1> does not use an SSL certificate": {
     " For additional safety Freighter only works with websites that provide an SSL certificate": "The website <1>{{domain}}</1> does not use an SSL certificate. For additional safety Freighter only works with websites that provide an SSL certificate."
   },
+  "The website <1>{{url}}</1> does not use an SSL certificate": {
+    " For additional safety Freighter only works with websites that provide an SSL certificate": "The website <1>{{url}}</1> does not use an SSL certificate. For additional safety Freighter only works with websites that provide an SSL certificate."
+  },
   "them noted to confirm you got them right": "them noted to confirm you got them right",
   "this alert by going to": "this alert by going to",
   "This asset has a balance": "This asset has a balance",

diff --git a/extension/src/popup/locales/pt/translation.json b/extension/src/popup/locales/pt/translation.json
@@ -421,6 +421,9 @@
   "The website <1>{{domain}}</1> does not use an SSL certificate": {
     " For additional safety Freighter only works with websites that provide an SSL certificate": "The website <1>{{domain}}</1> does not use an SSL certificate. For additional safety Freighter only works with websites that provide an SSL certificate."
   },
+  "The website <1>{{url}}</1> does not use an SSL certificate": {
+    " For additional safety Freighter only works with websites that provide an SSL certificate": "The website <1>{{url}}</1> does not use an SSL certificate. For additional safety Freighter only works with websites that provide an SSL certificate."
+  },
   "them noted to confirm you got them right": "them noted to confirm you got them right",
   "this alert by going to": "this alert by going to",
   "This asset has a balance": "This asset has a balance",

diff --git a/extension/src/popup/views/SignBlob/index.tsx b/extension/src/popup/views/SignBlob/index.tsx
@@ -38,7 +38,7 @@ export const SignBlob = () => {
   );
 
   const blob = parsedSearchParam(location.search) as BlobToSign;
-  const { accountToSign, domain, isDomainListedAllowed } = blob;
+  const { accountToSign, domain, isDomainListedAllowed, url } = blob;
 
   const {
     allAccounts,
@@ -72,7 +72,7 @@ export const SignBlob = () => {
     );
   }
 
-  if (!domain.startsWith("https") && !isExperimentalModeEnabled) {
+  if (!url.startsWith("https") && !isExperimentalModeEnabled) {
     return (
       <WarningMessage
         handleCloseClick={() => window.close()}
@@ -81,8 +81,8 @@ export const SignBlob = () => {
         header={t("WEBSITE CONNECTION IS NOT SECURE")}
       >
         <p>
-          <Trans domain={domain}>
-            The website <strong>{{ domain }}</strong> does not use an SSL
+          <Trans domain={url}>
+            The website <strong>{{ url }}</strong> does not use an SSL
             certificate. For additional safety Freighter only works with
             websites that provide an SSL certificate.
           </Trans>

diff --git a/extension/tests/onboarding.test.ts b/extension/tests/onboarding.test.ts
@@ -0,0 +1,42 @@
+import { test, expect } from "./test-fixtures";
+
+test("Welcome page loads", async ({ page, extensionId }) => {
+  await page.goto(`chrome-extension://${extensionId}/index.html`);
+  await expect(
+    page.getByText("Welcome! Is this your first time using Freighter?"),
+  ).toBeVisible();
+  await expect(page.getByText("I’m going to need a seed phrase")).toBeVisible();
+  await expect(page.getByText("I’ve done this before")).toBeVisible();
+});
+
+test("User creates new wallet", async ({ page, extensionId }) => {
+  await page.goto(`chrome-extension://${extensionId}/index.html`);
+  await page.getByText("Create Wallet").click();
+  await expect(page.getByText("Create a password")).toBeVisible();
+
+  await page.locator("#new-password-input").fill("My-password123");
+  await page.locator("#confirm-password-input").fill("My-password123");
+  await page.locator("#termsOfUse-input").check({ force: true });
+  await page.getByText("Confirm").click();
+
+  await expect(page.getByText("Secret Recovery phrase")).toBeVisible();
+
+  const domWords = page.getByTestId("word");
+  const wordCount = await domWords.count();
+  const words = [] as string[];
+  for (let i = 0; i < wordCount; i++) {
+    const word = await domWords.nth(i).innerText();
+    words.push(word);
+  }
+
+  await page.getByTestId("display-mnemonic-phrase-next-btn").click();
+  await expect(page.getByText("Confirm your recovery phrase")).toBeVisible();
+
+  for (let i = 0; i < words.length; i++) {
+    await page.locator(`#${words[i]}`).check();
+  }
+  await page.getByTestId("display-mnemonic-phrase-confirm-btn").click();
+  await expect(
+    page.getByText("A Stellar wallet for every website"),
+  ).toBeVisible();
+});
diff --git a/extension/tests/test-fixtures.ts b/extension/tests/test-fixtures.ts
@@ -0,0 +1,35 @@
+import { test as base, chromium, BrowserContext } from "@playwright/test";
+import path from "path";
+
+export const test = base.extend<{
+  context: BrowserContext;
+  extensionId: string;
+}>({
+  context: async ({}, use) => {
+    const pathToExtension = path.join(__dirname, "../build");
+    console.log(pathToExtension);
+    const context = await chromium.launchPersistentContext("", {
+      headless: false,
+      args: [
+        `--disable-extensions-except=${pathToExtension}`,
+        `--load-extension=${pathToExtension}`,
+      ],
+    });
+    await use(context);
+    await context.close();
+  },
+  extensionId: async ({ context }, use) => {
+    // for manifest v2:
+    let [background] = context.backgroundPages();
+    if (!background) background = await context.waitForEvent("backgroundpage");
+
+    // for manifest v3:
+    // let [background] = context.serviceWorkers();
+    // if (!background)
+    //   background = await context.waitForEvent('serviceworker');
+
+    const extensionId = background.url().split("/")[2];
+    await use(extensionId);
+  },
+});
+export const expect = test.expect;
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		// Import styles, initialize component theme here.
		// import '../src/common.css';