hackademix
|
45f3ebd408
|
[XSS] Better specificity of potential fragmented injection through framework syntax detection (thanks Rom623, barbaz et al).
|
2023-09-02 22:41:51 +02:00 |
hackademix
|
93b3d888e3
|
[nscl] RegExp.combo(): RegExp creation by combination for better readability and comments.
|
2023-09-02 22:41:51 +02:00 |
hackademix
|
2d617c0c94
|
Version bump: 11.4.27rc2.
|
2023-09-02 22:41:46 +02:00 |
Giorgio Maone
|
b321a0becf
|
Updated browser support badges in README.md
|
2023-08-22 11:17:11 +02:00 |
Giorgio Maone
|
dfe4c5af3e
|
Update FUNDING.yml (liberapay: maone -> NoScript)
|
2023-08-22 10:51:59 +02:00 |
hackademix
|
1f7bbe48d9
|
[nscl] Replaced lib/sha256.js with web platform native implementation (thanks Martin for suggested patch).
|
2023-08-08 23:32:40 +02:00 |
hackademix
|
477eacab40
|
[nscl] Fixed property/function mismatch (thanks Alex).
|
2023-08-07 12:04:51 +02:00 |
hackademix
|
aaef841385
|
Fixed operators precedence issue #312 (thanks Alex).
|
2023-08-07 12:00:20 +02:00 |
hackademix
|
f19122ad7a
|
[nscl] Prevent dead object access on BF cache (thanks jamhubub and mriehm).
|
2023-07-23 23:17:26 +02:00 |
hackademix
|
8836fec365
|
Version bump: 11.4.27rc1.
|
2023-07-23 22:48:49 +02:00 |
hackademix
|
1ea3651518
|
Version bump: 11.4.26.
|
2023-07-20 09:13:40 +02:00 |
hackademix
|
45861afeaa
|
[Android] Fixed regression preventing NoScript prompts from being shown.
|
2023-07-19 22:41:02 +02:00 |
hackademix
|
f6ece0ebb7
|
Version bump: 11.4.26rc2.
|
2023-07-19 22:36:27 +02:00 |
hackademix
|
692803c6f2
|
[XSS] Fallback to execute most demanding regular expressions asynchronously.
|
2023-07-19 20:08:11 +02:00 |
hackademix
|
96baaa2d51
|
[XSS] Removed obsolete Flash-related checks.
|
2023-07-16 22:11:07 +02:00 |
hackademix
|
1bd6061414
|
[XSS] Make InjectionChecker's regular expressions easier to debug.
|
2023-07-16 17:57:07 +02:00 |
hackademix
|
61ddfea620
|
[XSS] Updated OpenID regexp.
|
2023-07-15 18:31:28 +02:00 |
hackademix
|
bed8935e30
|
Version bump: 11.4.26rc1.
|
2023-07-15 18:29:18 +02:00 |
hackademix
|
be7390ebe7
|
Version bump: 11.4.25.
|
2023-07-10 00:36:44 +02:00 |
hackademix
|
967c008531
|
Reload extension on fatal failures.
|
2023-07-10 00:33:05 +02:00 |
hackademix
|
7b926f217f
|
[Android] Fixed UI styling regression.
|
2023-07-10 00:32:48 +02:00 |
hackademix
|
d5dcd4f09d
|
Version bump: 11.4.25rc2.
|
2023-07-09 23:21:46 +02:00 |
hackademix
|
ba71f20474
|
Fixed UI inconsistencies when finer-grained contextual policies are created/imported by other means (thans barbaz for reporting).
|
2023-07-02 16:25:01 +02:00 |
hackademix
|
2fd3b981af
|
Version bump: 11.4.25rc1.
|
2023-07-02 11:39:38 +02:00 |
hackademix
|
9eed39e418
|
Version bump: 11.4.24.
|
2023-06-29 17:48:38 +02:00 |
hackademix
|
c4d8605e51
|
[XSS] Fix Base64 hash checks interfering with query string checks (thanks barbaz for reporting).
|
2023-06-29 17:33:56 +02:00 |
hackademix
|
bdda426611
|
Version bump: 11.4.24rc2.
|
2023-06-29 17:33:56 +02:00 |
hackademix
|
db06a6a252
|
[TabGuard] Stop exempting domains bidirectionally by default.
|
2023-06-28 16:32:20 +02:00 |
hackademix
|
3cd1a6049d
|
[TabGuard] Fix destination domain being reported as the trigger of a warning prompt when all the other tab-tied domains have been exempted (thanks barbaz for report).
|
2023-06-28 16:31:18 +02:00 |
hackademix
|
448e959a71
|
Version bump: 11.4.24rc1.
|
2023-06-27 10:57:52 +02:00 |
hackademix
|
d386f64019
|
Version bump: 11.4.23.
|
2023-06-27 10:49:02 +02:00 |
hackademix
|
c46b2eebce
|
[TabGuard] Exclude non-scriptable content types from suspects.
|
2023-06-27 10:41:51 +02:00 |
hackademix
|
73da318de5
|
[TabGuard] Check for chains of about:blank puppet tabs.
|
2023-06-22 22:48:31 +02:00 |
hackademix
|
327c3e19ea
|
Version bump: 11.4.23rc5.
|
2023-06-22 22:47:13 +02:00 |
hackademix
|
a57c4cba84
|
Mirror NoScript's badge copntent in the context menu to provide more info (e.g. on XSS or TG status) whenever the toolbar icon is hidden.
|
2023-06-16 09:10:43 +02:00 |
hackademix
|
c6add32551
|
Version bump: 11.4.23rc4.
|
2023-06-16 00:32:26 +02:00 |
hackademix
|
87307294cc
|
[TabGuard] Short circuit requests in non-anonymized tabs.
|
2023-06-15 23:23:19 +02:00 |
hackademix
|
df3c164304
|
[TabGuard] Decouple tab ties cutting from one-shot authorized loads cases for same-site navigation.
|
2023-06-15 23:19:11 +02:00 |
hackademix
|
417d592363
|
Version bump: 11.4.23rc3.
|
2023-06-15 21:42:14 +02:00 |
hackademix
|
1d330739ec
|
[TabGuard] Load with credentials when reloading from NoScript's UI.
|
2023-06-15 00:48:15 +02:00 |
hackademix
|
de872964e9
|
[TabGuard] "TG" badge on the NoScript icon when the selected tab is anonymized.
|
2023-06-15 00:38:53 +02:00 |
hackademix
|
3d00084ed5
|
[TabGuard] Cut ties and restore authorization info on manual reloads.
|
2023-06-15 00:38:53 +02:00 |
hackademix
|
abf2bac30e
|
[TabGuard] Remove Set-Cookie headers from anonymized requests to prevent unreversible authorization loss.
|
2023-06-15 00:38:53 +02:00 |
hackademix
|
728f9ee9c0
|
[TabGuard] Keep track of anonymized requests.
|
2023-06-15 00:38:51 +02:00 |
hackademix
|
3cf268e9df
|
[TabGuard] Keep track of anonymized tabs.
|
2023-06-15 00:37:49 +02:00 |
hackademix
|
e2870d2466
|
[TabGuard] Fix "never prompt" option's label not being clickable.
|
2023-06-09 14:49:32 +02:00 |
hackademix
|
895b3c956a
|
Version bump: 11.4.23rc2.
|
2023-05-22 13:42:53 +02:00 |
hackademix
|
3a83c0e4a5
|
[TabGuard] Introduce prompt granularity options (default: prompt only on POST requests).
|
2023-05-21 23:28:36 +02:00 |
hackademix
|
e7591e0fdd
|
Removed invalid CSS.
|
2023-05-21 23:03:17 +02:00 |
hackademix
|
7d335ed787
|
Avoid unnecessary prompt resizing.
|
2023-05-21 21:33:23 +02:00 |