Commit Graph

226 Commits

Author SHA1 Message Date
hackademix 5629377921 Version bump: 10.1.9.4. 2018-09-09 15:04:17 +02:00
hackademix 9b3b5e0503 Prevent total breakages when policies accidentally map to invalid match patterns. 2018-09-09 15:00:08 +02:00
hackademix 1cfb3117ef Prevent multiple CSP entries to be injected in the DOM on each reload if scripting is disabled. 2018-09-09 14:58:55 +02:00
hackademix 002c8f8b67 Message loops checks coping with multiple options window. 2018-09-09 14:57:09 +02:00
hackademix c5cbb8abfc Version bump: 10.1.9.4rc1. 2018-09-09 12:23:33 +02:00
hackademix 1323fb8142 Version bump: 10.1.9.3. 2018-09-09 08:23:06 +02:00
hackademix eb85395a01 Fixed message handling regression causing incompatibilities with embedders and potential internal loops. 2018-09-09 08:21:03 +02:00
hackademix ffc688d57a Version bump: 10.1.9.3rc1. 2018-09-09 08:04:55 +02:00
hackademix 5a76ed6778 Version bump: 10.1.9.2. 2018-09-09 00:55:41 +02:00
hackademix 4f7d8579af More efficient window.name persistence for tab-scoped permissions. 2018-09-08 23:09:39 +02:00
hackademix b60cbbd49e Site parsing more resilient to bogus input. 2018-09-08 14:37:33 +02:00
hackademix 746655c885 Fixed regression: undefined fake request.url ends to for inline scripts CSP reports. 2018-09-08 14:36:47 +02:00
hackademix 28c9a50b17 Version bump: 10.1.9.2rc4. 2018-09-08 13:03:25 +02:00
hackademix 7514aa20f9 Saner message dispatching. 2018-09-08 11:50:40 +02:00
hackademix 9edcf2f1f7 Restored it locale. 2018-09-05 17:09:45 +02:00
hackademix 97d4c22669 Work-around for a potential race condition in message handling on extension updates. 2018-09-05 15:51:43 +02:00
hackademix ec0d7b4aff Fixed possible null reference errors in Sites.origin(). 2018-09-05 15:50:27 +02:00
hackademix ce5d46ead2 Init the CUSTOM preset not just with the capabilities, but also with the "temporary" status of the previously selected one. 2018-09-05 15:43:55 +02:00
hackademix 6ffe07f8f6 Reduced noise from tld.js regular expressions generation. 2018-09-05 15:08:41 +02:00
hackademix 99a81a6f1f Stop tracking tld.js build-time intermediate files. 2018-09-05 11:38:59 +02:00
hackademix b779e7122f Fixed bug in requestKey generation. 2018-09-05 11:31:28 +02:00
hackademix c98bddeb4d Version bump: 10.1.9.2rc3. 2018-09-05 11:26:04 +02:00
hackademix 3bf909c927 [l10n] Transifex integration. 2018-09-05 00:44:27 +02:00
hackademix f95f7b809d Ensure we remove the HEAD element parent of our META CSP policy only if we created it. 2018-09-04 22:43:00 +02:00
hackademix 1814bfa03d Work-around for CSP not being honored when the HEAD element has not been inserted yet. 2018-09-04 19:48:07 +02:00
hackademix 26470b84f6 Transparent support for FQDNs and better management of file:/// URLs. 2018-09-04 19:28:16 +02:00
hackademix df149a5a55 Version bump: 10.1.9.2rc2. 2018-09-04 01:41:52 +02:00
hackademix 81ac052e1d Better file: protocol support. 2018-09-04 00:22:39 +02:00
hackademix 16cdbbe1cb Full-page placeholders for embedding documents. 2018-09-03 14:04:00 +02:00
hackademix b5d1fe6269 Version bump: 10.1.9.2rc1. 2018-09-03 13:50:09 +02:00
hackademix 1f71590a48 Version bump: 10.1.9.1. 2018-08-30 17:37:43 +02:00
hackademix b7ad727f58 Updated tld_template.js. 2018-08-30 17:36:17 +02:00
hackademix 87d3401c0b Merge branch 'master' of https://github.com/hackademix/noscript
Merge pull request #17 from Lekensteyn/fix-serviceworker-check
2018-08-30 17:26:13 +02:00
hackademix 00444819fb Version bump: 10.1.9.1rc1 2018-08-30 17:25:38 +02:00
hackademix f18fa60109 Merge branch 'fix/tld'
Fixed breakage in tld.js generation when for any reason the source pubblic suffix list contains CRLF characters.
2018-08-30 17:21:45 +02:00
hackademix 379addaf3f
Merge pull request #17 from Lekensteyn/fix-serviceworker-check
Fix fallback scripts when ServiceWorkers are unavailable
2018-08-30 17:19:51 +02:00
Peter Wu 6a0252c6de Fix fallback scripts when ServiceWorkers are unavailable
ServiceWorkers are not available in private browsing mode (and can be
disabled otherwise via about:config), be sure to check its availability.
Otherwise fallback scripts are not invoked which prevents redirections
in <noscript> tags from being executed (as observed with t.co).
2018-08-30 16:36:29 +02:00
hackademix eb158d9fa3 Version bump: 10.1.9. 2018-08-29 18:24:37 +02:00
hackademix a103af9154 Fixed public suffix parsing potentially broken by CRLF. 2018-08-29 18:21:24 +02:00
hackademix be3ab16315 Fixed typo in restricted.js inclusion. 2018-08-29 00:16:48 +02:00
hackademix 215b8ac18e Version bump: 10.1.9rc6. 2018-08-29 00:11:21 +02:00
hackademix b1b059ae80 Version bump: 10.1.9rc5. 2018-08-29 00:02:13 +02:00
hackademix 22df979973 Better timing feedback for permissions changes in the popup UI. 2018-08-28 23:40:20 +02:00
hackademix 5c3d5354f2 Reload-less service worker busting. 2018-08-28 23:28:06 +02:00
hackademix 9b32ee8794 Version bump: 10.1.9rc4. 2018-08-28 23:27:36 +02:00
hackademix e8716657e4 Reordered startup sequence to be more friendly with embedders like the Tor Browser. 2018-08-28 17:21:56 +02:00
hackademix 5bfba8a40f
Merge pull request #16 from rustybird/started
Broadcast a "started" message after initialization
2018-08-28 00:34:17 +02:00
Rusty Bird 26bfd899f9
Broadcast a "started" message after initialization
Other extensions listening in on NoScript's messages (e.g. Torbutton)
can take this message as an indication that it's now safe to send an
"updateSettings" message to NoScript without immediately getting
clobbered by the configuration loader.

See https://trac.torproject.org/projects/tor/ticket/26520 for context.
2018-08-27 22:29:16 +00:00
hackademix e2b63cf982 Further CSP refactoring and removal of obsolete fallbacks. 2018-08-27 18:55:00 +02:00
hackademix 6e80d3f130 Let content script inject failsafe CSP in the DOM. 2018-08-27 18:55:00 +02:00