e44fce3ebd
Set tab restrictions status across all frames.
2018-10-12 22:35:46 +02:00
8c37d74a19
Version bump: 10.1.9.9rc1.
2018-10-12 22:21:23 +02:00
ec997edc10
Version bump to 10.1.9.8 because of erronous self-hosting AMO signing.
2018-10-06 18:27:17 +02:00
bb4660e89f
Version bump: 10.1.9.7.
2018-10-06 18:20:02 +02:00
fc4ab21b2d
[L10n] Updated ru (thanks fatboy).
2018-10-06 18:13:27 +02:00
209d50b0c1
Simplified CSP HTTP header injection, avoiding report-to until actually supported by browsers.
2018-10-06 18:13:27 +02:00
c9c7b7aefe
Fixed preset customization UI showing inherited DEFAULT permissions if a protocol-level preset exists.
2018-10-06 18:13:19 +02:00
4bd8da62b8
Version bump: 10.1.9.7rc3.
2018-10-06 12:28:26 +02:00
55ccd14dfe
Better UX for overriding protocol-level permissions.
2018-10-06 02:11:49 +02:00
ddbd70416c
[L10n] Updated (es, ru) and new (el, he, ms, nb) locales from OTF's Localization Lab Transifex project.
2018-10-06 02:06:38 +02:00
ffc0b0d8b0
Version bump: 10.1.9.7rc2.
2018-10-04 23:11:15 +02:00
f9a05c7361
Norwegian Bokmål translation
2018-10-03 14:21:15 +02:00
321401f60e
[XSS] Updated HTML5 events matching.
2018-09-26 17:42:07 +02:00
92eed7d700
FTP directory UI emulation on script-disabled domains.
2018-09-26 17:19:44 +02:00
8b36446fc9
Include ftp:// URLs in non-secure domain matching.
2018-09-26 16:52:06 +02:00
f4055263c7
Version bump: 10.1.9.7rc1.
2018-09-26 15:59:36 +02:00
e4e1c83f2c
Fixed line endings.
2018-09-15 22:11:31 +02:00
297fec781f
Version bump: 10.1.9.6.
2018-09-14 07:36:13 +02:00
98528299cd
[XSS] Updated known HTML5 events.
2018-09-14 07:21:22 +02:00
fcb9fb8452
Version bump: 10.1.9.6rc3.
2018-09-14 07:19:03 +02:00
71c82b5084
Gracefully handle legacy message recipients.
2018-09-14 07:18:10 +02:00
8c739b064c
Removed unused regexp.
2018-09-10 19:23:47 +02:00
48053d96d4
Better IPV6 support.
2018-09-10 19:10:32 +02:00
2b45fcb9a4
Version bump: 10.1.9.6rc2.
2018-09-10 19:09:46 +02:00
f88a6a6d6d
Streamlined child policy content scripts.
2018-09-10 11:34:22 +02:00
6414195445
Version bump: 10.1.9.6rc1.
2018-09-09 23:47:15 +02:00
050aa8b83b
SUpport for protocol-only entries in UI.
2018-09-09 23:46:49 +02:00
16d1b03062
Version bump: 10.1.9.5.
2018-09-09 19:07:28 +02:00
305c6779a7
Fix for various content script timing related issues.
2018-09-09 18:59:52 +02:00
193e706a99
Version bump: 10.1.9.5rc1.
2018-09-09 17:41:39 +02:00
5629377921
Version bump: 10.1.9.4.
2018-09-09 15:04:17 +02:00
9b3b5e0503
Prevent total breakages when policies accidentally map to invalid match patterns.
2018-09-09 15:00:08 +02:00
1cfb3117ef
Prevent multiple CSP entries to be injected in the DOM on each reload if scripting is disabled.
2018-09-09 14:58:55 +02:00
002c8f8b67
Message loops checks coping with multiple options window.
2018-09-09 14:57:09 +02:00
c5cbb8abfc
Version bump: 10.1.9.4rc1.
2018-09-09 12:23:33 +02:00
1323fb8142
Version bump: 10.1.9.3.
2018-09-09 08:23:06 +02:00
eb85395a01
Fixed message handling regression causing incompatibilities with embedders and potential internal loops.
2018-09-09 08:21:03 +02:00
ffc688d57a
Version bump: 10.1.9.3rc1.
2018-09-09 08:04:55 +02:00
5a76ed6778
Version bump: 10.1.9.2.
2018-09-09 00:55:41 +02:00
4f7d8579af
More efficient window.name persistence for tab-scoped permissions.
2018-09-08 23:09:39 +02:00
b60cbbd49e
Site parsing more resilient to bogus input.
2018-09-08 14:37:33 +02:00
746655c885
Fixed regression: undefined fake request.url ends to for inline scripts CSP reports.
2018-09-08 14:36:47 +02:00
28c9a50b17
Version bump: 10.1.9.2rc4.
2018-09-08 13:03:25 +02:00
7514aa20f9
Saner message dispatching.
2018-09-08 11:50:40 +02:00
9edcf2f1f7
Restored it locale.
2018-09-05 17:09:45 +02:00
97d4c22669
Work-around for a potential race condition in message handling on extension updates.
2018-09-05 15:51:43 +02:00
ec0d7b4aff
Fixed possible null reference errors in Sites.origin().
2018-09-05 15:50:27 +02:00
ce5d46ead2
Init the CUSTOM preset not just with the capabilities, but also with the "temporary" status of the previously selected one.
2018-09-05 15:43:55 +02:00
b779e7122f
Fixed bug in requestKey generation.
2018-09-05 11:31:28 +02:00
c98bddeb4d
Version bump: 10.1.9.2rc3.
2018-09-05 11:26:04 +02:00
3bf909c927
[l10n] Transifex integration.
2018-09-05 00:44:27 +02:00
f95f7b809d
Ensure we remove the HEAD element parent of our META CSP policy only if we created it.
2018-09-04 22:43:00 +02:00
1814bfa03d
Work-around for CSP not being honored when the HEAD element has not been inserted yet.
2018-09-04 19:48:07 +02:00
26470b84f6
Transparent support for FQDNs and better management of file:/// URLs.
2018-09-04 19:28:16 +02:00
df149a5a55
Version bump: 10.1.9.2rc2.
2018-09-04 01:41:52 +02:00
81ac052e1d
Better file: protocol support.
2018-09-04 00:22:39 +02:00
16cdbbe1cb
Full-page placeholders for embedding documents.
2018-09-03 14:04:00 +02:00
b5d1fe6269
Version bump: 10.1.9.2rc1.
2018-09-03 13:50:09 +02:00
1f71590a48
Version bump: 10.1.9.1.
2018-08-30 17:37:43 +02:00
87d3401c0b
Merge branch 'master' of https://github.com/hackademix/noscript
...
Merge pull request #17 from Lekensteyn/fix-serviceworker-check
2018-08-30 17:26:13 +02:00
00444819fb
Version bump: 10.1.9.1rc1
2018-08-30 17:25:38 +02:00
6a0252c6de
Fix fallback scripts when ServiceWorkers are unavailable
...
ServiceWorkers are not available in private browsing mode (and can be
disabled otherwise via about:config), be sure to check its availability.
Otherwise fallback scripts are not invoked which prevents redirections
in <noscript> tags from being executed (as observed with t.co).
2018-08-30 16:36:29 +02:00
eb158d9fa3
Version bump: 10.1.9.
2018-08-29 18:24:37 +02:00
be3ab16315
Fixed typo in restricted.js inclusion.
2018-08-29 00:16:48 +02:00
215b8ac18e
Version bump: 10.1.9rc6.
2018-08-29 00:11:21 +02:00
b1b059ae80
Version bump: 10.1.9rc5.
2018-08-29 00:02:13 +02:00
22df979973
Better timing feedback for permissions changes in the popup UI.
2018-08-28 23:40:20 +02:00
5c3d5354f2
Reload-less service worker busting.
2018-08-28 23:28:06 +02:00
9b32ee8794
Version bump: 10.1.9rc4.
2018-08-28 23:27:36 +02:00
e8716657e4
Reordered startup sequence to be more friendly with embedders like the Tor Browser.
2018-08-28 17:21:56 +02:00
5bfba8a40f
Merge pull request #16 from rustybird/started
...
Broadcast a "started" message after initialization
2018-08-28 00:34:17 +02:00
26bfd899f9
Broadcast a "started" message after initialization
...
Other extensions listening in on NoScript's messages (e.g. Torbutton)
can take this message as an indication that it's now safe to send an
"updateSettings" message to NoScript without immediately getting
clobbered by the configuration loader.
See https://trac.torproject.org/projects/tor/ticket/26520 for context.
2018-08-27 22:29:16 +00:00
e2b63cf982
Further CSP refactoring and removal of obsolete fallbacks.
2018-08-27 18:55:00 +02:00
6e80d3f130
Let content script inject failsafe CSP in the DOM.
2018-08-27 18:55:00 +02:00
e82e961dd7
Refactoring CSP building out of RequestGuard.
2018-08-27 18:55:00 +02:00
b5d7266c50
Updated TLD support.
2018-08-27 18:54:44 +02:00
45c9d25da8
Version bump: 10.1.9rc1
2018-08-27 18:48:04 +02:00
ab3827b42d
Version bump: 10.1.8.23.
2018-08-25 11:38:19 +02:00
a1e567e9ec
Hotfix for some possible reload loops before refactoring CSP management.
2018-08-25 11:29:43 +02:00
5e397a3bf8
Version bump: 10.1.8.22.
2018-08-24 23:06:24 +02:00
e0453b3f3e
Version bump: 10.1.8.21.
2018-08-24 22:46:58 +02:00
7913e29a92
Fixed infinite reload loop on unrestricted tabs.
2018-08-24 22:28:05 +02:00
fc92be83c3
Fixed minor CSP buildig issues.
2018-08-24 22:14:38 +02:00
1ce446f871
Version bump: 10.1.8.21rc1.
2018-08-24 22:12:34 +02:00
ce16a79a7d
Version bump: 10.1.8.20.
2018-08-24 03:33:37 +02:00
caed2cfa1e
Fixed Sites.domainImplies() misplaced optimization.
2018-08-24 02:58:46 +02:00
d4e1ef5c87
[L10n] Added Catalan (ca)
2018-08-24 02:56:10 +02:00
de37b91121
Version bump: 10.1.8.20rc1.
2018-08-24 02:52:45 +02:00
32ae22b7a7
Version bump: 10.1.8.19.
2018-08-23 23:41:11 +02:00
483fad9b8a
Do not fail when onHeadersProcessed is called with no stored pending request.
2018-08-23 22:55:26 +02:00
c2067c0509
Version bump: 10.1.8.19rc2.
2018-08-23 22:53:22 +02:00
9f67a125b8
Fixed regression: framed documents' URLs not being reported in the UI.
2018-08-23 19:38:28 +02:00
dbc9575c68
Version bump: 10.1.8.19rc1.
2018-08-23 19:38:16 +02:00
8c35cae4c1
Version bump: 10.1.8.18.
2018-08-23 18:10:06 +02:00
286acd2079
More resilient and optimized version of Sites.domainImplies().
2018-08-23 17:48:38 +02:00
60c299c4f1
Update ChildPolicies when automatic temp TRUST for top-level document s is enabled.
2018-08-23 17:09:26 +02:00
4ce026a16c
Fixed messages from content scripts being "eaten" by the wrong dispatcher when UI is open (thanks skriptimaahinen).
2018-08-23 16:23:49 +02:00
fc6251c0ab
Fixed typo causing accidental permissions/status mismatches being checked only while pages are still loading (thanks skriptimaahinen).
2018-08-23 15:57:09 +02:00
80e1f10db5
Fixed typo in XSS name sanitization script injection (thanks skriptimaahinen).
2018-08-23 15:33:47 +02:00
a874f6031c
Version bump: 10.1.8.18rc1.
2018-08-23 15:29:01 +02:00
hackademix