Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Only make requests to *.rewards.brave.com endpoints after Rewards opt-in
See original GitHub issueDescription
Browser sometimes makes calls out to *.rewards.brave.com endpoints before user fully opts into Brave Rewards. For example, see https://github.com/brave/brave-site-specific-scripts/issues/41. Any *.rewards.brave.com requests should only occur if the user has pressed “Start using Brave Rewards” and generated a wallet. These calls can happen as a result of Greaselion or by clicking the BAT icon.
Requests are made to the following domains, for example:
api.rewards.brave.comrewards.brave.comgrant.rewards.brave.com
Steps to Reproduce
Greaselion
- Fresh profile
- Go to reddit.com or another site with site-specific Greaselion scripts
- Check for calls to
*.rewards.brave.com
Another way:
BAT icon
- Fresh profile
- Click on BAT icon
- Although Brave Rewards is still disabled (i.e., “Start using Brave Rewards” has not yet been pressed), check for calls to
*.rewards.brave.com
Calls should be deferred until after the user has pressed “Start using Brave Rewards”.
Expected result:
No requests needed until after opt-in.
Task list
- Content scripts/Greaselion case
- Clicking on Brave Rewards panel/BAT icon in the URL bar
- Clicking on in-line tipping button
- Navigating to brave://rewards settings page
Issue Analytics
- State:
- Created 3 years ago
- Reactions:2
- Comments:12 (6 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Potentially some more info: I restarted the browser and Utility: Bat Ledger Service was not running, and I didn’t see any calls to *.rewards.brave.com endpoints. However, when I went to brave://rewards to ensure everything was off, the ledger service started again and remained running. It seems like the ledger service should not start when simply visiting brave://rewards if ads/ac are off. Perhaps there needs to be a way to reset to the pre-opt-in state and maybe that will prevent the ledger service from starting automatically.
Thanks. @PrivacyMatters In any case, we actually went for the stronger route, and we make no calls to rewards-related endpoints until the user explicitly opts in/enables Brave Rewards 😃.