hackademix
cfd9ba740c
Version bump: 11.0rc1.
2019-06-24 19:22:01 +02:00
hackademix
fa264f8157
Version bump: 10.6.3.
2019-06-15 22:41:20 +02:00
hackademix
4491d2f81b
Updated TLDs.
2019-06-15 20:59:00 +02:00
hackademix
48d03247ff
Fixed media replacement broken when <source> elements are used.
2019-06-15 20:42:39 +02:00
hackademix
a4f088211e
Fixed regression in full embedding document replacement due to timing changes.
2019-06-15 20:41:26 +02:00
hackademix
04baf1a3f8
Version bump: 10.6.3rc8.
2019-06-15 17:52:18 +02:00
hackademix
fba660149e
Further work-around for setting importation file picking inconsistencies on Android.
2019-05-30 13:23:35 +02:00
hackademix
18c0cdc590
Updated TLDs.
2019-05-30 12:52:35 +02:00
hackademix
9a44bf8900
Version bump: 10.6.3rc7.
2019-05-30 09:40:26 +02:00
hackademix
fc72add8a9
Fixed [Import] button on Android (issue #76 ).
2019-05-28 23:32:19 +02:00
hackademix
b89b161d9b
Version bump: 10.6.3rc6.
2019-05-28 23:16:10 +02:00
hackademix
22bceb6c97
Further JSON reduction optimizations.
2019-05-28 16:48:58 +02:00
hackademix
b935c22f55
Version bump: 10.6.3rc5.
2019-05-28 16:48:30 +02:00
hackademix
cd44c749f4
Timing cap inferenced by call numbers when using low-resolution timers.
2019-05-28 01:35:44 +02:00
hackademix
4d4fa3c6ed
Make XSS timeouts fatal and reported.
2019-05-28 01:35:44 +02:00
hackademix
37d148e3af
Fixed JSON parsing preamble regression.
2019-05-28 01:35:44 +02:00
hackademix
c2f0ce0dfc
Version bump: 10.6.3rc4.
2019-05-28 01:35:44 +02:00
hackademix
5597c4b0e5
XSS Filter made further asynchronous, prevents freezes on complex JSON payloads.
2019-05-27 00:28:01 +02:00
hackademix
4826128e43
Version bump: 10.6.3rc3.
2019-05-27 00:27:51 +02:00
hackademix
23fb55bf38
More accurate algorithm to account for permissions changes in the UI triggering automatic reloads.
2019-05-26 15:42:00 +02:00
hackademix
b06ec5d1c8
Version bump: 10.6.3rc2.
2019-05-26 15:40:41 +02:00
hackademix
947a2684af
Updated TLDs.
2019-05-26 00:13:52 +02:00
hackademix
78a5600d47
Skip page autoreloads on transitions between temporary and permanent presets of the same kind.
2019-05-26 00:07:55 +02:00
hackademix
f11d4243bc
Version bump: 10.6.3rc1.
2019-05-26 00:05:07 +02:00
hackademix
5c44687f18
Version bump: 10.6.2.
2019-05-22 18:54:48 +02:00
hackademix
3f48f4d5a0
Updated InjectionChecker's HTML5 events.
2019-05-22 18:45:58 +02:00
hackademix
0eb42450d4
Removed work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=1532530 (see https://trac.torproject.org/projects/tor/ticket/29969#comment:9 ).
2019-05-22 18:45:34 +02:00
hackademix
c84673b110
Removed legacy DomNode.replaceChild() usage.
2019-05-22 16:59:18 +02:00
hackademix
732ba767a6
Version bump: 10.6.2rc2.
2019-05-22 16:58:11 +02:00
hackademix
c2be460915
Fix mozwebext class added to content pages (Issue #80 ).
2019-05-06 12:11:31 +02:00
hackademix
7b35acdab0
Updated TLDs.
2019-04-29 15:38:17 +02:00
hackademix
d0bcf7c975
Updated Transifex-managed locales (es, ms, tr).
2019-04-29 15:37:58 +02:00
hackademix
4fa4e55b62
Skip MediaSource patching where it's disabled by browser settings.
2019-04-29 10:31:19 +02:00
hackademix
43770cbc85
Skip dev-mode XSS tests unless the browser is Firefox.
2019-04-29 09:45:59 +02:00
hackademix
0c2df08d78
Reference internal pages as absolute URLs for Chromium compatibility.
2019-04-29 09:43:14 +02:00
hackademix
225ce1e6c8
Version bump: 10.6.2rc1.
2019-04-29 09:41:44 +02:00
hackademix
8aab462b44
Version bump: 10.6.1.
2019-04-08 23:21:40 +02:00
hackademix
cf6ef3bed5
Updated Transifex-managed nl locale.
2019-04-08 15:51:32 +02:00
hackademix
7ab201e133
Catch SecurityException thrown on cross-origin wrappedJSObject access.
2019-04-08 15:46:52 +02:00
hackademix
a489c192d6
Make RequestGuard's header processing synchronous on non-supporting browsers.
2019-04-08 13:08:17 +02:00
hackademix
5ffd53ee89
Fixed inconsistencies in handling of browser-internal URLs.
2019-04-08 11:44:08 +02:00
hackademix
9493978473
Fixed resetting options works just once per session (defaults reference current settings) - issue #69 .
2019-04-06 10:49:57 +02:00
hackademix
db85a7cb01
Updated Transifex-managed locales (de, fr, it, tr).
2019-04-06 10:42:04 +02:00
hackademix
bd38efde03
Version bump: 10.6.1rc1.
2019-04-01 23:20:35 +02:00
hackademix
7754ad0f45
Version bump: 10.6.
2019-04-01 21:53:54 +02:00
hackademix
aadde8b693
Version bump: 10.6rc2.
2019-04-01 19:12:54 +02:00
hackademix
f145e625e4
Limit wrappedJSObject usages to compatible browsers.
2019-04-01 19:12:20 +02:00
hackademix
688f7a31fa
Version bump: 10.6rc1.
2019-04-01 13:20:54 +02:00
hackademix
76c959ec30
Updated TLDs.
2019-04-01 12:52:44 +02:00
hackademix
68a06fa546
Updated de, fr, he, ru locales.
2019-04-01 12:46:54 +02:00
hackademix
661a2a436b
Chromium-compatible popup closure handling.
2019-03-28 13:04:36 +01:00
hackademix
c806c6bbff
Work-around for potential issues with legacy prefs.
2019-03-28 13:04:36 +01:00
hackademix
5327505fba
Chromium-compatible version number.
2019-03-28 13:04:36 +01:00
hackademix
75ea681b9f
Remove source map reference because of https://bugzilla.mozilla.org/show_bug.cgi?id=1437937
2019-03-28 13:04:36 +01:00
hackademix
c003a5123a
Fixed manifest description for cross-browser and chrome web store usage.
2019-03-28 13:04:05 +01:00
hackademix
b9373c65b1
Merge branch 'chromium' into merge/chromium
2019-03-27 23:43:34 +01:00
hackademix
d77df5c9e4
Version bump: 10.2.5.
2019-03-24 23:55:06 +01:00
hackademix
d299436a08
Better detection of privileged URLs in the XSS filter.
2019-03-24 23:35:05 +01:00
hackademix
b825935788
Version bump: 10.2.5rc1.
2019-03-24 23:06:50 +01:00
hackademix
c2ec91f7a6
Version bump: 10.2.4.
2019-03-20 23:46:25 +01:00
hackademix
4f95364bbf
Improved prompts layout.
2019-03-20 23:42:10 +01:00
hackademix
169d5f085a
Improved unscanned POST blocking.
2019-03-20 23:34:32 +01:00
hackademix
cab9d0ea74
Version bump: 10.2.4rc1.
2019-03-20 23:32:46 +01:00
hackademix
8c8dc258eb
Version bump: 10.2.3.
2019-03-19 23:23:56 +01:00
hackademix
3bb748fda2
Version bump: 10.2.3rc3.
2019-03-19 23:19:25 +01:00
hackademix
57b222c48b
Updated Transifex-managed locales.
2019-03-19 23:19:10 +01:00
hackademix
fa623fe400
Fixed searches from the url bar causing XSS warnings in the Tor Browser.
2019-03-19 23:11:18 +01:00
hackademix
c505c3e999
Version bump: 10.2.3rc2.
2019-03-19 23:10:19 +01:00
hackademix
ea894393f1
Improved popup initialization perceived speed.
2019-03-19 13:46:58 +01:00
hackademix
f04fbd790e
Fixed popup top buttons not visible in high contrast appearance mode.
2019-03-19 13:46:19 +01:00
hackademix
0052e4b702
Version bump: 10.2.3rc1.
2019-03-19 13:42:09 +01:00
hackademix
ab65a0a423
Version bump: 10.2.2.
2019-03-17 23:21:20 +01:00
hackademix
84fc537101
Updated Transifex-managed locales.
2019-03-17 23:06:50 +01:00
hackademix
4f901eb1fa
Fixed ns.requestCan() using hardcoded "script" rather than its capability argument.
2019-03-16 15:48:55 +01:00
hackademix
19d41bcc4e
Version bump: 10.2.2rc5.
2019-03-16 15:47:30 +01:00
hackademix
921a7910f0
"General/Cascade top document's restrictions to subdocuments" option (default true on the Tor Browser).
2019-03-15 23:55:50 +01:00
hackademix
c3c3a6a769
Remove double quotes around property names for consistency.
2019-03-15 23:34:09 +01:00
hackademix
6edf62ca12
Version bump: 10.2.2rc4.
2019-03-15 23:02:50 +01:00
hackademix
e0a2e34d9a
Added "incognito" manifest.json key.
2019-03-14 02:07:45 +01:00
hackademix
d1dd278a81
Selective handling of Tor Browser options and work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=1532530
2019-03-14 01:57:58 +01:00
hackademix
3f2453053b
Updated TLDs.
2019-03-14 00:22:43 +01:00
hackademix
3bb9699ec7
Updated event names handled by InjectionChecker.
2019-03-14 00:22:06 +01:00
hackademix
295d681c1b
Added missing await to async options saving.
2019-03-14 00:09:45 +01:00
hackademix
0878ad2b0a
Remove usage of non-standard Array methods.
2019-02-01 01:17:58 +01:00
hackademix
d152a53871
Removed non-standard uneval() usage.
2019-02-01 01:17:09 +01:00
hackademix
20b689d015
Fallback XSS filtering to XSS Auditor since asynchronous webRequest handlers are not supported by Chromium.
2019-02-01 01:16:33 +01:00
hackademix
2fa009673f
Conditional CSS toggle for non-mozilla browsers.
2019-02-01 01:13:26 +01:00
hackademix
9b5bd1c775
Chromium-compatible UI stylesheets.
2019-02-01 00:31:43 +01:00
hackademix
4e5f12a6c2
Differentiate Chromium restricted URLs (where extensions cannot operate).
2019-02-01 00:31:00 +01:00
hackademix
781514cfb9
Graceful degradation for missing WebExtensions APIs on Chromium.
2019-02-01 00:28:33 +01:00
hackademix
d076a517ba
Generic shims for Chromium derivatives.
2019-02-01 00:26:40 +01:00
hackademix
82313cc766
Version bump: 10.2.2rc3.
2018-12-31 00:21:04 +01:00
hackademix
c0956b20b9
Safer cookie-less check for unrestricted tabs from subdocuments.
2018-12-27 10:54:45 +01:00
hackademix
8493f63e25
Version bump: 10.2.2rc2.
2018-12-27 10:47:05 +01:00
hackademix
74f08a58d0
[Locale] Added sv_SE (by Jonatan Nyberg).
2018-12-27 00:16:45 +01:00
hackademix
357906df78
Fix for unrestricted tabs not affecting about:blank subframes (issue #48 ).
2018-12-26 23:44:36 +01:00
hackademix
f341217e0a
[XSS] Updated known HTML events lists.
2018-12-26 22:35:10 +01:00
hackademix
33447ef6c2
Version bump: 10.2.2rc1.
2018-12-25 23:30:07 +01:00
hackademix
35faebf81b
Version bump: 10.2.1.
2018-12-23 14:42:48 +01:00
hackademix
bbd050a174
Cascade top document's restrictions to subframes (Tor issue #28873 ).
2018-12-17 17:43:19 +01:00
hackademix
c3e803a7dc
Version bump: 10.2.1rc3.
2018-12-17 17:42:53 +01:00
hackademix
8f0bdc1493
Fix restored media element from placeholder not loading previously blocked content.
2018-12-06 22:51:53 +01:00
hackademix
07b9084829
Version bump: 10.2.1rc2.
2018-12-05 15:25:23 +01:00
hackademix
c94cd48752
Fixed placeholders missing for some blocked embeddings (Tor ticket #28720 ).
2018-12-05 10:10:26 +01:00
hackademix
68d0cd0568
Version bump: 10.2.1rc1.
2018-12-05 10:10:26 +01:00
hackademix
9e70392b90
Version bump: 10.2.0.
2018-11-25 23:40:39 +01:00
hackademix
e20acbcb99
Version bump: 10.2.
2018-11-25 23:34:11 +01:00
hackademix
82bed35e6c
Limit fix for issue #41 to origin-less fetch (exclude frames).
2018-11-25 23:00:08 +01:00
hackademix
d93c87954c
[L10n] Updated fr, he.
2018-11-25 19:19:16 +01:00
hackademix
5c5c06f0c3
Version bump: 10.2rc2.
2018-11-25 19:19:06 +01:00
hackademix
83979c532e
Allow extensions to perform origin-less fetching and framing (issue #41 ).
2018-11-24 23:43:32 +01:00
hackademix
1dcbc7ebfc
Fixed meta refresh inside <NOSCRIPT> emulation breaking Firefox's built-in refresh blocking.
2018-11-17 22:56:30 +01:00
hackademix
24f738337b
Fixed issue #35 "tabId is not defined" on startup.
2018-11-12 02:18:58 +01:00
hackademix
6860ee2a40
Darker red badge background to ensure text is kept white across browsers.
2018-10-26 01:36:11 +02:00
hackademix
c1f359ddf4
Version bump: 10.2rc1.
2018-10-26 01:34:51 +02:00
hackademix
9afc2e7f2b
Version bump: 10.1.9.9.
2018-10-16 13:24:50 +02:00
hackademix
f9703b2bcb
Fixed potential race condition in per-tab configuration cookie hack.
2018-10-14 23:18:31 +02:00
hackademix
e3dc784cd4
Version bump: 10.1.9.9rc2.
2018-10-14 23:18:23 +02:00
hackademix
808fd652be
Use cookie instead of window.name as a tab-configuration hack.
2018-10-13 10:08:37 +02:00
hackademix
e44fce3ebd
Set tab restrictions status across all frames.
2018-10-12 22:35:46 +02:00
hackademix
8c37d74a19
Version bump: 10.1.9.9rc1.
2018-10-12 22:21:23 +02:00
hackademix
ec997edc10
Version bump to 10.1.9.8 because of erronous self-hosting AMO signing.
2018-10-06 18:27:17 +02:00
hackademix
bb4660e89f
Version bump: 10.1.9.7.
2018-10-06 18:20:02 +02:00
hackademix
fc4ab21b2d
[L10n] Updated ru (thanks fatboy).
2018-10-06 18:13:27 +02:00
hackademix
209d50b0c1
Simplified CSP HTTP header injection, avoiding report-to until actually supported by browsers.
2018-10-06 18:13:27 +02:00
hackademix
c9c7b7aefe
Fixed preset customization UI showing inherited DEFAULT permissions if a protocol-level preset exists.
2018-10-06 18:13:19 +02:00
hackademix
4bd8da62b8
Version bump: 10.1.9.7rc3.
2018-10-06 12:28:26 +02:00
hackademix
55ccd14dfe
Better UX for overriding protocol-level permissions.
2018-10-06 02:11:49 +02:00
hackademix
ddbd70416c
[L10n] Updated (es, ru) and new (el, he, ms, nb) locales from OTF's Localization Lab Transifex project.
2018-10-06 02:06:38 +02:00
hackademix
ffc0b0d8b0
Version bump: 10.1.9.7rc2.
2018-10-04 23:11:15 +02:00
Allan Nordhøy
f9a05c7361
Norwegian Bokmål translation
2018-10-03 14:21:15 +02:00
hackademix
321401f60e
[XSS] Updated HTML5 events matching.
2018-09-26 17:42:07 +02:00
hackademix
92eed7d700
FTP directory UI emulation on script-disabled domains.
2018-09-26 17:19:44 +02:00
hackademix
8b36446fc9
Include ftp:// URLs in non-secure domain matching.
2018-09-26 16:52:06 +02:00
hackademix
f4055263c7
Version bump: 10.1.9.7rc1.
2018-09-26 15:59:36 +02:00
hackademix
e4e1c83f2c
Fixed line endings.
2018-09-15 22:11:31 +02:00
hackademix
297fec781f
Version bump: 10.1.9.6.
2018-09-14 07:36:13 +02:00
hackademix
98528299cd
[XSS] Updated known HTML5 events.
2018-09-14 07:21:22 +02:00
hackademix
fcb9fb8452
Version bump: 10.1.9.6rc3.
2018-09-14 07:19:03 +02:00
hackademix
71c82b5084
Gracefully handle legacy message recipients.
2018-09-14 07:18:10 +02:00
hackademix
8c739b064c
Removed unused regexp.
2018-09-10 19:23:47 +02:00
hackademix
48053d96d4
Better IPV6 support.
2018-09-10 19:10:32 +02:00
hackademix
2b45fcb9a4
Version bump: 10.1.9.6rc2.
2018-09-10 19:09:46 +02:00
hackademix
f88a6a6d6d
Streamlined child policy content scripts.
2018-09-10 11:34:22 +02:00
hackademix
6414195445
Version bump: 10.1.9.6rc1.
2018-09-09 23:47:15 +02:00
hackademix
050aa8b83b
SUpport for protocol-only entries in UI.
2018-09-09 23:46:49 +02:00
hackademix
16d1b03062
Version bump: 10.1.9.5.
2018-09-09 19:07:28 +02:00
hackademix
305c6779a7
Fix for various content script timing related issues.
2018-09-09 18:59:52 +02:00
hackademix
193e706a99
Version bump: 10.1.9.5rc1.
2018-09-09 17:41:39 +02:00
hackademix
5629377921
Version bump: 10.1.9.4.
2018-09-09 15:04:17 +02:00
hackademix
9b3b5e0503
Prevent total breakages when policies accidentally map to invalid match patterns.
2018-09-09 15:00:08 +02:00
hackademix
1cfb3117ef
Prevent multiple CSP entries to be injected in the DOM on each reload if scripting is disabled.
2018-09-09 14:58:55 +02:00
hackademix
002c8f8b67
Message loops checks coping with multiple options window.
2018-09-09 14:57:09 +02:00
hackademix
c5cbb8abfc
Version bump: 10.1.9.4rc1.
2018-09-09 12:23:33 +02:00
hackademix
1323fb8142
Version bump: 10.1.9.3.
2018-09-09 08:23:06 +02:00
hackademix
eb85395a01
Fixed message handling regression causing incompatibilities with embedders and potential internal loops.
2018-09-09 08:21:03 +02:00
hackademix
ffc688d57a
Version bump: 10.1.9.3rc1.
2018-09-09 08:04:55 +02:00
hackademix
5a76ed6778
Version bump: 10.1.9.2.
2018-09-09 00:55:41 +02:00
hackademix
4f7d8579af
More efficient window.name persistence for tab-scoped permissions.
2018-09-08 23:09:39 +02:00
hackademix
b60cbbd49e
Site parsing more resilient to bogus input.
2018-09-08 14:37:33 +02:00
hackademix
746655c885
Fixed regression: undefined fake request.url ends to for inline scripts CSP reports.
2018-09-08 14:36:47 +02:00
hackademix
28c9a50b17
Version bump: 10.1.9.2rc4.
2018-09-08 13:03:25 +02:00
hackademix
7514aa20f9
Saner message dispatching.
2018-09-08 11:50:40 +02:00
hackademix
9edcf2f1f7
Restored it locale.
2018-09-05 17:09:45 +02:00
hackademix
97d4c22669
Work-around for a potential race condition in message handling on extension updates.
2018-09-05 15:51:43 +02:00
hackademix
ec0d7b4aff
Fixed possible null reference errors in Sites.origin().
2018-09-05 15:50:27 +02:00
hackademix
ce5d46ead2
Init the CUSTOM preset not just with the capabilities, but also with the "temporary" status of the previously selected one.
2018-09-05 15:43:55 +02:00
hackademix
b779e7122f
Fixed bug in requestKey generation.
2018-09-05 11:31:28 +02:00
hackademix
c98bddeb4d
Version bump: 10.1.9.2rc3.
2018-09-05 11:26:04 +02:00
hackademix
3bf909c927
[l10n] Transifex integration.
2018-09-05 00:44:27 +02:00
hackademix
f95f7b809d
Ensure we remove the HEAD element parent of our META CSP policy only if we created it.
2018-09-04 22:43:00 +02:00
hackademix
1814bfa03d
Work-around for CSP not being honored when the HEAD element has not been inserted yet.
2018-09-04 19:48:07 +02:00
hackademix
26470b84f6
Transparent support for FQDNs and better management of file:/// URLs.
2018-09-04 19:28:16 +02:00
hackademix
df149a5a55
Version bump: 10.1.9.2rc2.
2018-09-04 01:41:52 +02:00
hackademix
81ac052e1d
Better file: protocol support.
2018-09-04 00:22:39 +02:00
hackademix
16cdbbe1cb
Full-page placeholders for embedding documents.
2018-09-03 14:04:00 +02:00
hackademix
b5d1fe6269
Version bump: 10.1.9.2rc1.
2018-09-03 13:50:09 +02:00
hackademix
1f71590a48
Version bump: 10.1.9.1.
2018-08-30 17:37:43 +02:00
hackademix
87d3401c0b
Merge branch 'master' of https://github.com/hackademix/noscript
...
Merge pull request #17 from Lekensteyn/fix-serviceworker-check
2018-08-30 17:26:13 +02:00
hackademix
00444819fb
Version bump: 10.1.9.1rc1
2018-08-30 17:25:38 +02:00
Peter Wu
6a0252c6de
Fix fallback scripts when ServiceWorkers are unavailable
...
ServiceWorkers are not available in private browsing mode (and can be
disabled otherwise via about:config), be sure to check its availability.
Otherwise fallback scripts are not invoked which prevents redirections
in <noscript> tags from being executed (as observed with t.co).
2018-08-30 16:36:29 +02:00
hackademix
eb158d9fa3
Version bump: 10.1.9.
2018-08-29 18:24:37 +02:00
hackademix
be3ab16315
Fixed typo in restricted.js inclusion.
2018-08-29 00:16:48 +02:00
hackademix
215b8ac18e
Version bump: 10.1.9rc6.
2018-08-29 00:11:21 +02:00
hackademix
b1b059ae80
Version bump: 10.1.9rc5.
2018-08-29 00:02:13 +02:00
hackademix
22df979973
Better timing feedback for permissions changes in the popup UI.
2018-08-28 23:40:20 +02:00
hackademix
5c3d5354f2
Reload-less service worker busting.
2018-08-28 23:28:06 +02:00
hackademix
9b32ee8794
Version bump: 10.1.9rc4.
2018-08-28 23:27:36 +02:00
hackademix
e8716657e4
Reordered startup sequence to be more friendly with embedders like the Tor Browser.
2018-08-28 17:21:56 +02:00
hackademix
5bfba8a40f
Merge pull request #16 from rustybird/started
...
Broadcast a "started" message after initialization
2018-08-28 00:34:17 +02:00
Rusty Bird
26bfd899f9
Broadcast a "started" message after initialization
...
Other extensions listening in on NoScript's messages (e.g. Torbutton)
can take this message as an indication that it's now safe to send an
"updateSettings" message to NoScript without immediately getting
clobbered by the configuration loader.
See https://trac.torproject.org/projects/tor/ticket/26520 for context.
2018-08-27 22:29:16 +00:00
hackademix
e2b63cf982
Further CSP refactoring and removal of obsolete fallbacks.
2018-08-27 18:55:00 +02:00
hackademix
6e80d3f130
Let content script inject failsafe CSP in the DOM.
2018-08-27 18:55:00 +02:00
hackademix
e82e961dd7
Refactoring CSP building out of RequestGuard.
2018-08-27 18:55:00 +02:00
hackademix
b5d7266c50
Updated TLD support.
2018-08-27 18:54:44 +02:00
hackademix
45c9d25da8
Version bump: 10.1.9rc1
2018-08-27 18:48:04 +02:00
hackademix
ab3827b42d
Version bump: 10.1.8.23.
2018-08-25 11:38:19 +02:00
hackademix
a1e567e9ec
Hotfix for some possible reload loops before refactoring CSP management.
2018-08-25 11:29:43 +02:00
hackademix
5e397a3bf8
Version bump: 10.1.8.22.
2018-08-24 23:06:24 +02:00
hackademix
e0453b3f3e
Version bump: 10.1.8.21.
2018-08-24 22:46:58 +02:00
hackademix
7913e29a92
Fixed infinite reload loop on unrestricted tabs.
2018-08-24 22:28:05 +02:00
hackademix
fc92be83c3
Fixed minor CSP buildig issues.
2018-08-24 22:14:38 +02:00
hackademix
1ce446f871
Version bump: 10.1.8.21rc1.
2018-08-24 22:12:34 +02:00
hackademix
ce16a79a7d
Version bump: 10.1.8.20.
2018-08-24 03:33:37 +02:00
hackademix
caed2cfa1e
Fixed Sites.domainImplies() misplaced optimization.
2018-08-24 02:58:46 +02:00
hackademix
d4e1ef5c87
[L10n] Added Catalan (ca)
2018-08-24 02:56:10 +02:00
hackademix
de37b91121
Version bump: 10.1.8.20rc1.
2018-08-24 02:52:45 +02:00
hackademix
32ae22b7a7
Version bump: 10.1.8.19.
2018-08-23 23:41:11 +02:00
hackademix
483fad9b8a
Do not fail when onHeadersProcessed is called with no stored pending request.
2018-08-23 22:55:26 +02:00
hackademix
c2067c0509
Version bump: 10.1.8.19rc2.
2018-08-23 22:53:22 +02:00
hackademix
9f67a125b8
Fixed regression: framed documents' URLs not being reported in the UI.
2018-08-23 19:38:28 +02:00
hackademix
dbc9575c68
Version bump: 10.1.8.19rc1.
2018-08-23 19:38:16 +02:00
hackademix
8c35cae4c1
Version bump: 10.1.8.18.
2018-08-23 18:10:06 +02:00
hackademix
286acd2079
More resilient and optimized version of Sites.domainImplies().
2018-08-23 17:48:38 +02:00
hackademix
60c299c4f1
Update ChildPolicies when automatic temp TRUST for top-level document s is enabled.
2018-08-23 17:09:26 +02:00
hackademix
4ce026a16c
Fixed messages from content scripts being "eaten" by the wrong dispatcher when UI is open (thanks skriptimaahinen).
2018-08-23 16:23:49 +02:00
hackademix
fc6251c0ab
Fixed typo causing accidental permissions/status mismatches being checked only while pages are still loading (thanks skriptimaahinen).
2018-08-23 15:57:09 +02:00
hackademix
80e1f10db5
Fixed typo in XSS name sanitization script injection (thanks skriptimaahinen).
2018-08-23 15:33:47 +02:00
hackademix
a874f6031c
Version bump: 10.1.8.18rc1.
2018-08-23 15:29:01 +02:00
hackademix
5f3c46184a
Version bump: 10.1.8.17.
2018-08-22 22:53:48 +02:00
hackademix
66ddfcbecc
Fix: Sites.domainImplies() should match subdomains.
2018-08-22 18:02:44 +02:00
hackademix
075a5ad0e0
More coherent wrapper around the webex messaging API.
2018-08-22 16:34:16 +02:00
hackademix
48c04726b8
Version bump: 10.1.8.17rc8.
2018-08-22 15:45:54 +02:00
hackademix
1de1db3c29
Fixed possible surprises in background script message handling.
2018-08-21 23:54:04 +02:00
hackademix
91334fe944
Fixed inconstitencies in ChildPolicies content script URL matching.
2018-08-21 23:51:59 +02:00
hackademix
e742e5d801
Version bump: 10.1.8.17rc7.
2018-08-21 14:44:22 +02:00
hackademix
dc4ab14c92
Simpler and more reliable safety net to ensure CSP headers are injected last among WebExtensions.
2018-08-20 23:45:33 +02:00
hackademix
f7fcdb37a3
Version bump: 10.1.8.17rc6.
2018-08-20 23:41:07 +02:00
hackademix
8e1dc9e0ee
Fixed regression: refresh loop on page using requests of type="object" to cache images, stylesheets and other types.
2018-08-19 01:30:14 +02:00
hackademix
cf8482116d
Version bump: 10.1.8.17rc5.
2018-08-19 01:28:58 +02:00
hackademix
bb232e0895
More reliable attempt to run onResponseHeader listener the last of installed extension.
2018-08-18 22:52:34 +02:00
hackademix
3819592dfc
[L10n] Updated ru (new) and de.
2018-08-18 22:46:29 +02:00
hackademix
ee48e5c7d9
[XSS] Updated HTML events matching generation to use both latest Mozilla source code and archived data since Firefox ESR 52.
2018-08-18 15:25:03 +02:00
hackademix
6eee6147eb
Version bump: 10.1.8.17rc4.
2018-08-18 11:33:24 +02:00
hackademix
8c8b959474
Merge pull request #13 from Lekensteyn/empty-tld-fixes
...
Fix policy configuration for domains without dots
2018-08-18 03:27:35 +02:00
hackademix
2f9c5299af
Removed all references to RequestUtil.js and dependancies.
2018-08-18 03:20:33 +02:00
hackademix
e959accb70
Hack: use top.name to store per-tab content-side configuration (e.g. unrestricted tab status).
2018-08-17 09:07:11 +02:00
hackademix
50d71ca381
[l10n] tr and br from Transifex.
2018-08-17 08:45:34 +02:00
hackademix
57d883d63e
Policy serialization using the contentScripts API.
2018-08-16 23:43:36 +02:00
Peter Wu
49e34cd176
Fix policy configuration for domains without dots
...
Make sure that hosts such as "_gateway" (from systemd nss-myhostname) or
"master" (a local domain from DHCP) can be configured in the popup.
2018-08-15 18:40:48 +02:00
hackademix
2c75eedadd
Version bump: 10.1.8.17rc3.
2018-08-13 01:37:45 +02:00
hackademix
af4ec5c169
"High contrast appearance" option to override high contrast themes auto-detection.
2018-08-13 01:33:40 +02:00
hackademix
8caa2536bd
Best effort to run webRequest.onHeaderReceived listener last (issue #6 )
2018-08-07 09:53:01 +02:00
hackademix
2250d51aa4
Version bump: 10.1.8.17rc2.
2018-08-06 01:24:08 +02:00
hackademix
2990ca5f2c
Fixed unlocalized NoScript Options title.
2018-08-06 01:23:59 +02:00
hackademix
99e8c8b09f
Skip non-content windows when deferring startup page loading.
2018-08-01 19:07:37 +02:00
hackademix
ce541c4a53
Broader detection of UTF-8 encoding in responses.
2018-08-01 18:53:38 +02:00
hackademix
9782ab02d5
Fixed inline scripts not being reported to UI (skriptimaahinen).
2018-08-01 18:13:39 +02:00
hackademix
76190a644e
Improved support for debugging code removal in releases.
2018-08-01 17:48:45 +02:00
hackademix
140d8759cf
Fixed startup race condition with pending request tracking.
2018-08-01 17:47:57 +02:00
hackademix
bc834a034e
Fixed updating NoScript reloads tabs with revoked temporary permissions.
2018-08-01 17:32:16 +02:00
hackademix
a283ea1575
Version bump: 10.1.8.17rc1.
2018-07-28 23:52:06 +02:00
hackademix
6f710640fa
Version bump: 10.1.8.16.
2018-07-28 14:44:22 +02:00
hackademix
d64e480275
Fixed random stallings on page transitions.
2018-07-28 14:37:18 +02:00
hackademix
3eb5be743d
Version bump: 10.1.8.16rc1.
2018-07-28 13:59:44 +02:00
hackademix
c5b477457a
Version bump: 10.1.8.15.
2018-07-28 12:58:47 +02:00
hackademix
f82b1e376c
Fixed browser action icon not being updated on BF cache navigation.
2018-07-28 12:50:30 +02:00
hackademix
ca0273f9cd
Version bump: 10.1.8.15rc1.
2018-07-28 12:42:51 +02:00
hackademix
ff970df845
Version bump: 10.1.8.14.
2018-07-28 09:21:28 +02:00
hackademix
6e75750f45
Version bump: 10.1.8.13.
2018-07-28 09:16:30 +02:00
hackademix
fdf4ff3a39
Fixed regression in NOSCRIPT elements emulation.
2018-07-28 09:10:31 +02:00
hackademix
d39f68cb88
Version bump: 10.1.8.13rc1.
2018-07-28 09:09:26 +02:00
hackademix
3e6caf4f20
Version bump: 10.1.8.12.
2018-07-28 03:12:25 +02:00
hackademix
07a4e7ba30
Version bump: 10.1.8.11rc1.
2018-07-28 03:05:11 +02:00
hackademix
36cb28b842
Fixed some video streams not playing anymore.
2018-07-28 03:04:13 +02:00
hackademix
0b2691a775
Version bump: 10.1.8.10.
2018-07-28 02:24:41 +02:00
hackademix
d45209060f
Fixed window.stop() called in empty suframes.
2018-07-28 02:19:48 +02:00
hackademix
10d0809b74
Version bump: 10.1.8.10rc1.
2018-07-28 02:18:05 +02:00
hackademix
5c85ae8a8a
Version bump: 10.1.8.9.
2018-07-27 11:10:37 +02:00
hackademix
21810063d0
Disable scripting in HTML-embedding objects where webglHook cannot run, if webgl not allowed.
2018-07-26 23:48:20 +02:00
hackademix
4e62643b33
Version bump: 10.1.8.9rc9.
2018-07-26 23:19:51 +02:00
hackademix
d3cacf634f
More edge cases covered in dynamic script injection.
2018-07-26 19:33:46 +02:00
hackademix
a8a6dd4c7b
Version bump: 10.1.8.9rc8.
2018-07-26 16:32:20 +02:00
hackademix
0f089105da
Updated TLDs.
2018-07-26 11:45:55 +02:00
hackademix
c41ec107cb
[XSS] Updated HTML event attributes matching.
2018-07-26 11:45:30 +02:00
hackademix
1006f09de2
Fixed some resource loading feedback glitches.
2018-07-26 11:42:35 +02:00
hackademix
86d1390875
Version bump: 10.1.8.9rc7.
2018-07-26 11:28:27 +02:00
hackademix
fb9619ec99
Merge branch 'master' of https://github.com/hackademix/noscript
...
[L10n] Fixed little typos in it locale (SebastianoPistore)
2018-07-25 14:43:30 +02:00
hackademix
51732dd2c0
Merge pull request #3 from SebastianoPistore/master
...
Update ITA translation
2018-07-25 14:41:12 +02:00
hackademix
5e5839c036
Version bump: 10.1.8.9rc6.
2018-07-25 14:38:18 +02:00
hackademix
a46d085ff7
Fix for stalling embedded objects load on dynamic script injection.
2018-07-25 14:36:32 +02:00
hackademix
d88a0cf6d7
Fixed infinite reload loops on scripting permissions mismatches.
2018-07-25 11:08:43 +02:00
hackademix
391c8b402a
Version bump: 10.1.8.9rc5.
2018-07-25 10:39:14 +02:00
SebastianoPistore
952392b95c
Update ITA translation
...
- fix little typos
2018-07-25 10:14:20 +02:00
hackademix
8d6f963022
Work-around for serviceWorker loads bypassing webRequest.
2018-07-24 23:21:01 +02:00
hackademix
ec79210bd1
[UI] More flexible CSS layout for preset buttons.
2018-07-24 23:19:53 +02:00
hackademix
32874841ca
[XSS] Updated HTML events matching.
2018-07-24 23:19:03 +02:00
hackademix
ea4703ecd7
Version bump: 10.1.8.9rc4.
2018-07-24 14:46:36 +02:00
hackademix
4302246ac0
More reliable handling of edge startup cases.
2018-07-22 19:14:54 +02:00
hackademix
81b3851256
Fixed dynamic script injection failing sometimes with "No matching message handler" error.
2018-07-22 17:10:05 +02:00
hackademix
e7fcd76705
Updated TLDs.
2018-07-21 22:50:26 +02:00
hackademix
fa45c1359e
Version bump: 10.1.8.9rc3.
2018-07-21 15:44:48 +02:00
hackademix
163467f82b
Fixed externally handled resources opened in popups being broken by dynamic script injection.
2018-07-20 23:35:43 +02:00
hackademix
570cf0456c
Prevent multiple canScript content messages during the same page load.
2018-07-20 23:30:14 +02:00
hackademix
9382bbd911
Replaced unicode glyphs missing on some platforms and in the Tor Browser.
2018-07-20 16:19:49 +02:00
hackademix
b1e4791d0a
Version bump: 10.1.8.9rc2.
2018-07-20 16:03:56 +02:00
hackademix
580450b463
Refactor ContentMetadata into ResponseMetaData.
2018-07-19 01:04:35 +02:00
hackademix
0910566926
Removed useless work-around suggested in moz bug 1410755 which caused Tor Browser content process crashes.
2018-07-19 00:31:34 +02:00
hackademix
c0fbf92cfa
Version bump: 10.1.8.9rc1.
2018-07-19 00:07:18 +02:00
hackademix
d872b70769
Version bump: 10.1.8.8.
2018-07-17 18:12:09 +02:00
hackademix
5a60d58d24
Prevent script injection from messing with content-disposition=attachment responses.
2018-07-17 12:10:17 +02:00
hackademix
493d40021a
Version bump: 10.1.8.8rc1.
2018-07-17 12:03:48 +02:00
hackademix
58651ca4b4
Version bump: 10.1.8.7.
2018-07-17 00:14:23 +02:00
hackademix
b807a8bf02
Version bump: 10.1.8.6.
2018-07-16 23:49:18 +02:00
hackademix
31b2f5bbd2
Fixed regression breaking meta refreshes with relative URLs.
2018-07-16 23:45:10 +02:00
hackademix
859cb65d82
Version bump: 10.1.8.6rc1.
2018-07-16 23:43:27 +02:00
hackademix
9e72e9321c
Version bump: 10.1.8.5.
2018-07-16 17:34:16 +02:00
hackademix
37928bd2c3
Completed fix for quoted URLs confusing meta refresh emulation.
2018-07-16 17:24:54 +02:00
hackademix
909e96012c
Version bump: 10.1.8.5rc1.
2018-07-16 17:23:50 +02:00
hackademix
ad6187dfd8
Cosmetic bug fixes.
2018-07-16 15:55:01 +02:00
hackademix
f6b7232857
Updated TLDs.
2018-07-16 15:53:55 +02:00
hackademix
4101c9087c
Version bump: 10.1.8.4.
2018-07-16 15:53:10 +02:00
hackademix
a8f1b80012
[l10n] Fixed es.
2018-07-16 15:52:26 +02:00
hackademix
72b2ecf47c
Version bump: 10.1.8.3.
2018-07-16 12:23:19 +02:00
hackademix
25719ddc5e
Fixed cleaning up reloadingTabs in StreamFilter.onstart() was still breaking some feeds sometimes.
2018-07-12 22:58:52 +02:00
hackademix
7e3decc8f4
[XSS] Fixed anti-HPP coalescing wrongly applied to POST requests causing JSON reduction optimization to choke on big payloads.
2018-07-12 18:58:57 +02:00
hackademix
8f6574661d
Fixed first popup row not showing the initial site active preset.
2018-07-12 16:01:26 +02:00
hackademix
54dd9fa754
Removed deprecated windowType usages.
2018-07-12 15:58:42 +02:00
hackademix
66adf2720e
Fixed meta-refresh emulation getting confused by quoted URLs.
2018-07-12 02:10:22 +02:00
hackademix
a9e1051018
Version bump: 10.1.8.3rc11.
2018-07-12 02:09:21 +02:00
hackademix
5937dd5e08
Restored UNTRUSTED label localized string previously modified for testing.
2018-07-12 00:11:54 +02:00
hackademix
2bf06beae5
Autosize preset buttons final.
2018-07-12 00:04:53 +02:00
hackademix
9815e0f7cf
Fixed race condition in work-around for broken feeds in ESR60.
2018-07-11 19:26:50 +02:00
hackademix
9a0a76ec3c
Autosize preset buttons part 2.
2018-07-11 03:03:30 +02:00
hackademix
842caf7340
Made preset buttons automatically sized according to their (localized) content.
2018-07-11 00:53:25 +02:00
hackademix
74e20bb3eb
Reload hack to let the RSS feed reader work on ESR60
2018-07-10 23:56:19 +02:00
hackademix
d03e810f1b
Changed "script count" into "blocked items count" in badge appearance option.
2018-07-10 15:47:44 +02:00
hackademix
3ae5cd55c9
Reverted <noscript> replacement to <span> over fingerprinting concerns.
2018-07-09 23:22:36 +02:00
hackademix
609a6fec3d
Version bump: 10.1.8.3rc10.
2018-07-09 23:21:52 +02:00
hackademix
17a0426c32
More specific dynamic script injection exceptions.
2018-07-09 19:32:24 +02:00
hackademix
c6882356d3
Fixed label sizes in de localized messages.
2018-07-09 19:30:49 +02:00
hackademix
7dfa2e640b
Added two library files (one, lib/restricted.js, missing from rc8 tag) and version bump.
2018-07-09 19:29:23 +02:00
hackademix
103324e5d2
More graceful handling of internal and restricted URLs.
2018-07-09 01:36:28 +02:00
hackademix
5217db79ce
Content-side DOM insertions made compatible with XML document.
2018-07-09 00:09:34 +02:00
hackademix
dac392deda
More specific content-type exception for dynamic script injection.
2018-07-09 00:08:26 +02:00
hackademix
48690ee92e
Removed console.log() patching test code accidentally committed in media.js.
2018-07-08 22:27:53 +02:00
hackademix
10d4986b7a
Added de, es, fr, it, nl, pt_BR and zh_CN locales (courtesy of Mozilla's localization campaign).
2018-07-08 22:22:54 +02:00
hackademix
183f0bc100
Truncate preset labels which exceed the button size, accomodating for longer localized strings.
2018-07-08 22:20:24 +02:00
hackademix
df24338a04
Use a custom <no-script> element as <NOSCRIPT> replacement.
2018-07-08 14:07:08 +02:00
hackademix
20f80666fe
Version bump: 10.1.8.3rc8.
2018-07-08 10:20:13 +02:00
hackademix
cf1b413bff
Fixed <NOSCRIPT> replacements to be inline elements.
2018-07-08 10:02:11 +02:00
hackademix
0ad5f95eb4
Fixed dynamic script injection breaking images shown as frame content.
2018-07-07 01:28:20 +02:00
hackademix
093b9d724e
Work-around for onload not being fired on XML documents in Tor Browser/ESR60.
2018-07-06 04:01:44 +02:00
hackademix
799d99bd10
Version bump to 10.1.8.3rc7.
2018-07-06 01:01:22 +02:00
hackademix
1ee85084f7
More informative / useful popup on (semi)privileged pages.
2018-07-06 00:59:12 +02:00
hackademix
57eaa94dde
Backport dynamic script injection to Tor Browser / Fx ESR60.
2018-07-03 19:36:39 +02:00
hackademix
8ae9513f75
Provide a uuid function fallback which doesn't fail in the Tor Browser.
2018-07-03 19:35:33 +02:00
hackademix
5c71c94a13
Version bumb to 10.1.8.3rc6.
2018-07-03 19:32:45 +02:00
hackademix
e2a8c5768f
XSS filter autoupdated to latest HTML events supported by the browser
2018-07-03 17:06:46 +02:00
hackademix
e0ae64871e
Fixed regression: dynamic script injection breaking images loaded as frame content.
2018-07-03 17:02:58 +02:00
hackademix
81bd93a72d
Simplified and apparently more reliable+flexible+efficient dynamic script injection method.
2018-07-02 01:50:32 +02:00
hackademix
eceae7187a
Initial commit starting at version 10.1.8.3rc4.
2018-07-01 01:01:23 +02:00