Closed jjk1492 closed 1 year ago
Looks like there might be a bug with the host blocking. Threatmetrix hosts aren't added to the blocked_hosts object or blocked from being accessed. Taking a look at the code now to see if I can figure out whats wrong. The above images are after requesting many threatmetrix hosts.
Edit: after re-cloning the repo, the issue no longer existed. @jjk1492 also confirmed that the plugin worked as expected on his end. I'm not sure why I was having that issue.
Spoke with @ACK-J on how whitelisting is intended to filter and we decided on domain-based (so no path specific).
Whitelisting works by checking if a requests URL's
host
property contains thehost
property of whitelisted domain.Given we are whitelisting by host if you wish to whitelist an entire domain you must ensure to NOT register a subdomain in the whitelist.
For example: If you whitelist
foo.bar.com
and then navigate tobar.com
then requests WILL be blocked. But if you go tofoo.bar.com
requests WILL NOT be blockedOn the flip side, if you whitelist
bar.com
and then go tofoo.bar.com
requests WILL NOT be blocked.