da389d825f
Version bump: 11.2.5rc2.
2021-04-02 22:51:00 +02:00
f7d56c30f1
Configurable "csspp0" capability to for sites where the CSS PP0 mitigation should be disabled (e.g TRUSTED).
2021-04-02 00:22:39 +02:00
fee3a23243
[nscl] Fix CSS PP0 mitigation still interfering with some WebExtensions (thanks barbaz for report).
2021-04-02 00:18:44 +02:00
28de8bbca5
[XSS] Increased sensitivity and specificity of risky operator pre-checks.
2021-03-28 21:58:56 +02:00
8cd56795f6
Version bump: 11.2.5rc1.
2021-03-28 09:19:35 +02:00
a176cf261b
Version bump: 11.2.4.
2021-03-26 20:17:57 +01:00
71426453e7
[nscl] Inteception of webgl context creation in OffscreenCanvas too.
2021-03-26 19:26:46 +01:00
b178613973
Fixed regression: Site Info broken by NSCL refactoring.
2021-03-26 18:26:15 +01:00
0731e48c94
Version bump: 11.2.4rc5.
2021-03-26 18:26:15 +01:00
e0d7ad8cea
[nscl] Fixed unmerged NetCSP "extra" headers always undefined.
2021-03-25 23:32:50 +01:00
dd41e83e56
Version bump: 11.2.4rc4.
2021-03-25 23:31:38 +01:00
f594129d73
Avoid stack trace generation for debugging purposes on release builds.
2021-03-25 00:48:48 +01:00
8ccfecc902
More selective CSS PP0 protection, excluded on the Tor Browser where it's unneeded and easier to test/debug on dev builds.
2021-03-25 00:48:17 +01:00
cab286b316
Make isTorBrowser information available in child policy.
2021-03-25 00:19:09 +01:00
6ddba86e9a
Prevent console noise on startup with privileged tabs.
2021-03-24 22:53:54 +01:00
c30c9c5627
[nscl] More refactoring out in NoScript Commons Library.
2021-03-20 22:59:59 +01:00
4c9ddc847a
Version bump: 11.2.4rc3.
2021-03-19 23:58:10 +01:00
6877074c79
[nscl] Switch to NSCL for messaging.
2021-03-16 01:20:36 +01:00
20b10ff4f9
[nscl] Rollback unneded window.opener patching (thanks musonius for insight).
2021-03-16 01:04:28 +01:00
477e6882d6
CSS PP0 mitigation: cross-site stylesheets on scriptless pages, one resource per host.
2021-03-16 00:58:52 +01:00
fd47b4dac7
Limit CSS PP0 mitigation to scriptless pages and prefetch only cross-site resources.
2021-03-15 20:14:43 +01:00
3f2d9cfb20
Version bump: 11.2.4rc2.
2021-03-13 00:50:27 +01:00
de80b7b115
CSS resources prefetching as a mitigation against CSS PP0 ( https://github.com/Yossioren/pp0 ).
2021-03-13 00:35:34 +01:00
5cd6a01b5c
[L10n] Updated br, de, el, es, fr, he, is, nl, pl, pt_BR, ru, sq, tr, zh_CN.
2021-03-12 12:18:29 +01:00
354dbeabbd
Fixed configuration upgrades not applied on manual updates (thanks Nan for reporting).
2021-03-11 21:52:57 +01:00
1bfc51226c
Mitigation for misbehaving pages repeating failed requests in a tight loop.
2021-02-27 23:16:56 +01:00
ae728f1d86
[UI] More understandable label for the cascading restrictions option.
2021-02-25 09:54:03 +01:00
d8b10836e6
[nscl] patchWindow improvements.
2021-02-25 09:54:03 +01:00
5f59f65494
[nscl] Switch to NSCL's generic inclusion shell script.
2021-02-24 19:41:37 +01:00
9e871c064d
Version bump: 11.2.4rc1.
2021-02-19 21:39:22 +01:00
4e4ea350f0
Version bump: 11.2.3.
2021-02-17 07:42:36 +01:00
a72d965121
[L10n] Purged non-inclusive terms from obsolete messages.
2021-02-17 00:00:50 +01:00
d9f774a97c
Added red halo feedback in CUSTOM preset for noscript element capability.
2021-02-16 23:15:30 +01:00
ca37af400f
Fixed missing red halo feedback in CUSTOM preset for inline scripts and other capabilities sometimes.
2021-02-16 23:14:21 +01:00
7c77a1f913
Fixed race condition causing noscript elements not to be rendered sometimes.
2021-02-16 22:43:55 +01:00
54e4671463
Version bump: 11.2.3rc1.
2021-02-16 22:41:05 +01:00
58e37b1760
Version bump: 11.2.2.
2021-02-16 19:56:13 +01:00
2f86a20172
Fixed typo in version checked on noscript capability update.
2021-02-16 19:53:41 +01:00
ef2b36d496
[L10n] Updated bn, br, ca, da, de, el, es, fr, he, is, it, ja, lt, mk, ms, nb, nl, pt_BR, ru, sq, sv_SE, tr, zh_CN, zh_TW.
2021-02-16 19:53:41 +01:00
4225934966
Version bump: 11.2.2rc1.
2021-02-16 19:53:33 +01:00
68be86a303
Version bump: 11.2.1.
2021-02-15 09:05:02 +01:00
d3d6437844
[UI] Minor CSS Chromium compatibility fix.
2021-02-14 20:07:50 +01:00
c42cbb7290
Configurable capability to show noscript elements on script-disabled pages.
2021-02-14 20:07:24 +01:00
12c654f130
[L10n] Updated de.
2021-02-14 08:48:55 +01:00
b0d03d34ab
Version bump: 11.2.1rc4.
2021-02-14 08:48:20 +01:00
f3223f8dad
[nscl] Improved integration of the NoScript Commons Library.
2021-02-14 00:00:59 +01:00
f2c33945dd
Moved nscl submodule into src.
2021-02-13 21:13:41 +01:00
0d6c029484
Removed nscl cache directory from src.
2021-02-13 21:09:46 +01:00
9fad0842f7
[nscl] Refactoring to use Policy and its dependencies from the NoScript Commons Library.
2021-02-13 20:18:27 +01:00
4a8d6ef2b4
Version bump: 11.2.1rc3.
2021-02-13 13:06:09 +01:00
3679e9ba90
[nscl] Updated NoScript Common Library inclusions.
2021-02-13 01:59:23 +01:00
b7d1eb8cfc
Switch to faster and easier to maintain tld.js from nscl.
2021-02-13 01:06:14 +01:00
cb11684595
[nscl] Updated NoScript Common Library inclusions.
2021-02-13 01:05:36 +01:00
aeb303d669
[UI] Fix punycode inconsistencies.
2021-02-12 19:37:46 +01:00
9eb58f75e5
[UI] improve preset and site controls alignment.
2021-02-12 18:59:17 +01:00
27281a2ada
Provide feedback in the CUSTOM tab for WebGL usage attempts even if the canvas element is not attached to the DOM.
2021-02-08 12:53:45 +01:00
255abeddb6
[L10n] Updated de, ja.
2021-02-07 22:18:01 +01:00
361093e1da
Updated HTML events.
2021-02-07 22:15:00 +01:00
b18694c528
Version bump: 11.2.1rc2.
2021-02-07 22:14:43 +01:00
e158441412
Prevent double script on trusted file:// pages in some edge cases.
2021-02-06 23:08:22 +01:00
3e501cd0c1
Prevent detection of wrapped functions (e.g. in WebGL interception) on Chromium.
2021-01-29 23:07:28 +01:00
1d90c874f9
Updated TLDs.
2021-01-29 21:28:50 +01:00
79b1cb7fee
Version bump: 11.2.1rc1.
2021-01-29 16:31:28 +01:00
0364617341
Update German translation
2021-01-29 16:31:03 +01:00
76c97011c0
Version bump: 2.1rc1.
2021-01-29 08:55:09 +01:00
b9203bc6b4
Version bump: 11.2.
2021-01-26 21:47:45 +01:00
5fc7da6468
Updated TLDs.
2021-01-26 21:47:41 +01:00
4afa2a7435
[XSS] Fixed choice manager UI bug (thanks barbaz for report).
2021-01-25 21:25:38 +01:00
4f0885aff9
Version bump: 11.2rc3.
2021-01-25 21:11:32 +01:00
cb548e427d
Updated TLDs.
2021-01-25 13:27:52 +01:00
2620d456b9
[XSS] New UI to reveal and selectively remove permanent user choices.
2021-01-25 13:27:30 +01:00
1908b4b258
Version bump: 11.2rc2.
2021-01-25 13:27:30 +01:00
1974674e71
[L10n] Updated de.
2021-01-24 21:21:25 +01:00
9639ea49ac
Webgl hook refactored on nscl/content/patchWindow.js and made Chromium-compatibile.
2021-01-24 21:21:06 +01:00
ab3eab6e18
Updated TLDs.
2021-01-24 18:42:39 +01:00
4450f98f07
Version bump: 11.2rc1.
2021-01-24 18:42:09 +01:00
6157364aad
Version bump: 11.1.9.
2021-01-17 23:27:56 +01:00
0b3db6b5e4
Return null when webgl is not allowed (thanks Matthew Finkel for patch).
2021-01-17 23:00:11 +01:00
6abb3c9488
Version bump: 11.1.9rc5.
2021-01-17 22:59:13 +01:00
bb20b1d97c
Updated TLDs.
2021-01-15 18:28:11 +01:00
3753e8184a
[XSS] Fixed memoization bug resulting in performance degradation on some payloads.
2021-01-15 17:33:56 +01:00
10e02b41ed
[XSS] Include call stack in debugging log output.
2021-01-15 17:33:56 +01:00
445d7ff1af
[XSS] Skip naps when InjectionChecker runs in its own worker.
2021-01-15 17:33:56 +01:00
17f3bfd14b
Shortcut for easier XSS filter testing.
2021-01-15 17:33:56 +01:00
5f343ad16a
Version bump: 11.1.9rc4.
2021-01-15 17:33:56 +01:00
09a6593011
More lenient filter to add a new entry to per-site permissions.
2021-01-13 23:50:55 +01:00
04fad994f4
Version bump: 11.1.9rc3.
2021-01-13 23:49:08 +01:00
d2d7aff4cd
[L10n] Updated de.
2021-01-10 22:35:55 +01:00
45e6d8c03d
Better fix for per-site permissions UI glitches (thanks barbaz for reporting).
2021-01-10 22:35:18 +01:00
2013c8e1ae
Version bump: 11.1.9rc2.
2021-01-10 22:35:18 +01:00
1ef628d71e
Replace script-embedded bitmap with css-embedded SVG as the placeholder logo.
2021-01-09 22:50:28 +01:00
07d03a7bbe
Updated TLDs.
2021-01-09 21:28:24 +01:00
4825e12612
Remove source map reference causing console noise.
2021-01-09 01:08:24 +01:00
2173e3397c
Fix per-site permissions UI glitches when base domain is added to existing subdomain (thanks barbaz for reporting).
2021-01-08 23:33:12 +01:00
53fedbc21d
Version bump: 11.1.9rc1.
2021-01-08 23:02:56 +01:00
df0f11ffce
Version bump: 11.1.8.
2021-01-07 23:36:36 +01:00
bd3b6bb3ee
[L10n] Updated de.
2021-01-07 23:36:17 +01:00
5499f5fe01
[XSS] Fix for old pre-screening optimization exploitable to bypass the filter in recent browsers (thanks Tsubasa FUJII for reporting).
2021-01-07 23:36:17 +01:00
404869418c
Replace DOM-based entity decoding with the he.js pure JS library.
2021-01-07 23:36:17 +01:00
b5e26f2260
Updated browser-polyfill.js.
2021-01-07 23:36:17 +01:00
cfc1688215
Removed obsolete fastclick.js dependency.
2021-01-07 23:36:17 +01:00
04472d4137
Update German translation
...
Since "vorübergehend" is too long for use in all fields, don't mix
and use "temporär" throughout to help understand which functions are
related.
Do not unnecessarily abbreviate "VERTR." because there is enough space.
2021-01-07 23:36:17 +01:00
39818a2144
Version bump: 11.1.8rc1.
2020-12-27 20:16:21 +01:00
5cb523bc6c
Version bump: 11.1.7.
2020-12-21 16:05:40 +01:00
8808e3073f
Updated TLDs.
2020-12-18 20:48:23 +01:00
b1d96e3033
Optimize serviceWorker tracking for heavy tabs usage (thanks vadimm and barbaz for investigation).
2020-12-18 20:47:55 +01:00
a61481919a
Force placeholder visibility on Youtube embeddings.
2020-12-18 18:26:26 +01:00
c6746a8a6e
Version bump: 11.1.7rc3.
2020-12-18 18:25:25 +01:00
8526d25f03
Fixed popup opening being slowed down if options UI is opened (thanks Sirus for report).
2020-12-10 22:21:27 +01:00
fdca98d2e3
Version bump: 11.1.7rc2.
2020-12-10 22:19:28 +01:00
938eb53576
Explicit failure for wrong settings importation formats.
2020-12-10 13:13:25 +01:00
2fd03a8e20
Version bump: 11.1.7rc1.
2020-12-10 08:57:59 +01:00
85f0d4aa6d
Version bump: 11.1.6.
2020-12-09 21:39:27 +01:00
434dddcea0
Better handling of concurrent prompts issues (thanks billarbor for reporting).
2020-12-08 23:01:58 +01:00
34c0698e4c
Version bump: 11.1.6rc6.
2020-12-08 22:56:38 +01:00
b0f21ea2eb
Remove z-index boosting from ancestors when placeholder is collapsed or replaced (issue #162 ).
2020-12-08 20:32:34 +01:00
b2f2261b32
Version bump: 11.1.6rc5.
2020-12-08 20:32:34 +01:00
d2768e5c7b
Fixed permission keyboard shortcuts being triggered with modifiers like CTRL (thanks barbaz for report).
2020-12-06 01:00:55 +01:00
2bbc099195
Version bump: 11.1.6rc4.
2020-12-06 01:00:55 +01:00
46659614b9
More accurate blockage reporting, with better filtering of page's own CSP effects.
2020-12-06 01:00:30 +01:00
51dadae00a
Version bump: 11.1.6rc3.
2020-12-04 11:47:58 +01:00
84b4a33b94
[UI] Fixed bug in CUSTOM sites filtering (thanks barbaz for reporting).
2020-12-02 23:03:29 +01:00
d514d8022e
Updated HTML events.
2020-12-02 23:03:29 +01:00
393a33e022
Updated TLDs.
2020-12-02 23:03:29 +01:00
cbbbbbd5ff
Version bump: 11.1.6rc2.
2020-12-02 23:03:29 +01:00
6041f60ddb
Updated TLDs.
2020-11-19 23:56:53 +01:00
87c914f924
[L10n] Updated sv_SE.
2020-11-19 23:56:45 +01:00
83ed39c607
Better handling 0 width / 0 height media placeholders.
2020-11-19 23:56:26 +01:00
3ec0b28981
Version bump: 11.1.6rc1.
2020-11-19 22:44:58 +01:00
9af050fb3b
Version bump: 11.1.5.
2020-11-06 12:20:47 +01:00
ee44831351
Fixed potential infinite loop via DOMContentLoaded.
2020-11-05 16:32:53 +01:00
b8727c979b
Version bump: 11.1.5rc2.
2020-11-05 16:25:27 +01:00
0a5f67db21
Work-around for Firefox 82 media redirection bug (thanks ppxxbu and skriptimaahinen).
2020-11-04 10:16:54 +01:00
9f84e09985
Updated TLDs.
2020-11-03 23:23:14 +01:00
19b34b9a3c
Version bump: 11.1.5rc1.
2020-11-03 23:23:14 +01:00
7561b52c42
Version bump: 11.1.4.
2020-10-26 12:24:09 +01:00
7310f03c9c
Fixed sloppy CSP media blocker detection breaking MSE blob: media placeholders on Chromium.
2020-10-26 10:01:57 +01:00
e33dc340dc
Version bump: 11.1.4rc3.
2020-10-26 07:34:33 +01:00
273a924324
Fixed race condition causing temporary settings not to survive updates sometimes.
2020-10-25 17:36:50 +01:00
5c3b05ba07
Version bump: 11.1.4rc2.
2020-10-25 17:18:17 +01:00
f8ffa3eb2d
Updated TLDs.
2020-10-23 23:58:04 +02:00
5b8fbd8711
[Mobile] Improved prompts appearance on Android.
2020-10-23 23:57:46 +02:00
20007d3ec2
Version bump: 11.1.4rc1.
2020-10-23 22:23:40 +02:00
14a9c79423
Version bump: 11.1.3.
2020-10-09 12:50:19 +02:00
7363457579
Version bump: 11.1.2.
2020-10-09 12:46:08 +02:00
76ef8457ff
Fixed regression: document media and font restrictions always cascaded (thanks BrainDedd for report).
2020-10-09 09:26:42 +02:00
16f796fed8
Remove domPolicy logging when debugging is off.
2020-10-09 09:23:47 +02:00
03473a8265
Updated TLDs.
2020-10-09 09:15:35 +02:00
cd6627d3d4
Version bump: 11.1.2rc1.
2020-10-09 09:15:25 +02:00
70f6464364
Version bump: 11.1.1.
2020-10-06 17:08:28 +02:00
hackademix