-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FTX widget causing requests to ftx.com at startup without user opt-in #20501
Comments
As reported in brave/brave-browser#20501, the NTP was making outbound requests to ftx.com at startup without user opt-in, and the network-audit didn't catch that case because it was NOT loading a NTP as part of the different checks it does at BraveNetworkAuditTest.BasicTests. This patch adds explicit test coverage for that case by loading brave://newtab and waiting 5 minutes, like with the other checks. Resolves brave/brave-browser#20504
Verified
Verified the STR/Cases outlined via brave/brave-browser#20501 (comment) and ensured that there wasn't any outbound network connections when opening the NTP on a new profile. Example: Also ensured that none of the crypto widgets were visible on a new profile but were available via the following:
Upgraded from
Verification PASSED on
Verified the STR/Cases outlined via #20501 (comment) and ensured that there wasn't any outbound network connections when opening the NTP on a new profile. Also ensured that there was no third party outbound connections that are not being proxies when launching Brave for the first time. Example:
Also ensured that none of the crypto widgets were visible on a new profile but were available via the following:
For the following cases, upgrade from
Verified the STR/Cases outlined via #20501 (comment) and ensured that there wasn't any outbound network connections when opening the NTP on a new profile. Also ensured that there was no third party outbound connections that are not being proxies when launching Brave for the first time. Example: Also ensured that none of the crypto widgets were visible on a new profile but were available via the following:
For the following cases, upgrade from
|
Steps to Reproduce
Actual result:
Expected result:
No requests to ftx.com should occur unless the user has interacted / signed into the FTX widget.
Reproduces how often:
Always
Brave version (brave://version info)
Version/Channel Information:
The text was updated successfully, but these errors were encountered: