Mirrors
/
noscript
mirror of https://github.com/hackademix/noscript.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,081 Commits 3 Branches 561 Tags 5 MiB
Commit Graph

1000 Commits

Author SHA1 Message Date
hackademix 1ce446f871 Version bump: 10.1.8.21rc1. 2018-08-24 22:12:34 +02:00
hackademix ce16a79a7d Version bump: 10.1.8.20. 2018-08-24 03:33:37 +02:00
hackademix caed2cfa1e Fixed Sites.domainImplies() misplaced optimization. 2018-08-24 02:58:46 +02:00
hackademix d4e1ef5c87 [L10n] Added Catalan (ca) 2018-08-24 02:56:10 +02:00
hackademix de37b91121 Version bump: 10.1.8.20rc1. 2018-08-24 02:52:45 +02:00
hackademix 32ae22b7a7 Version bump: 10.1.8.19. 2018-08-23 23:41:11 +02:00
hackademix 483fad9b8a Do not fail when onHeadersProcessed is called with no stored pending request. 2018-08-23 22:55:26 +02:00
hackademix c2067c0509 Version bump: 10.1.8.19rc2. 2018-08-23 22:53:22 +02:00
hackademix 9f67a125b8 Fixed regression: framed documents' URLs not being reported in the UI. 2018-08-23 19:38:28 +02:00
hackademix dbc9575c68 Version bump: 10.1.8.19rc1. 2018-08-23 19:38:16 +02:00
hackademix 8c35cae4c1 Version bump: 10.1.8.18. 2018-08-23 18:10:06 +02:00
hackademix 286acd2079 More resilient and optimized version of Sites.domainImplies(). 2018-08-23 17:48:38 +02:00
hackademix 60c299c4f1 Update ChildPolicies when automatic temp TRUST for top-level document s is enabled. 2018-08-23 17:09:26 +02:00
hackademix 4ce026a16c Fixed messages from content scripts being "eaten" by the wrong dispatcher when UI is open (thanks skriptimaahinen). 2018-08-23 16:23:49 +02:00
hackademix fc6251c0ab Fixed typo causing accidental permissions/status mismatches being checked only while pages are still loading (thanks skriptimaahinen). 2018-08-23 15:57:09 +02:00
hackademix 80e1f10db5 Fixed typo in XSS name sanitization script injection (thanks skriptimaahinen). 2018-08-23 15:33:47 +02:00
hackademix a874f6031c Version bump: 10.1.8.18rc1. 2018-08-23 15:29:01 +02:00
hackademix 5f3c46184a Version bump: 10.1.8.17. 2018-08-22 22:53:48 +02:00
hackademix 66ddfcbecc Fix: Sites.domainImplies() should match subdomains. 2018-08-22 18:02:44 +02:00
hackademix 075a5ad0e0 More coherent wrapper around the webex messaging API. 2018-08-22 16:34:16 +02:00
hackademix 48c04726b8 Version bump: 10.1.8.17rc8. 2018-08-22 15:45:54 +02:00
hackademix 1de1db3c29 Fixed possible surprises in background script message handling. 2018-08-21 23:54:04 +02:00
hackademix 91334fe944 Fixed inconstitencies in ChildPolicies content script URL matching. 2018-08-21 23:51:59 +02:00
hackademix e742e5d801 Version bump: 10.1.8.17rc7. 2018-08-21 14:44:22 +02:00
hackademix dc4ab14c92 Simpler and more reliable safety net to ensure CSP headers are injected last among WebExtensions. 2018-08-20 23:45:33 +02:00
hackademix f7fcdb37a3 Version bump: 10.1.8.17rc6. 2018-08-20 23:41:07 +02:00
hackademix 8e1dc9e0ee Fixed regression: refresh loop on page using requests of type="object" to cache images, stylesheets and other types. 2018-08-19 01:30:14 +02:00
hackademix cf8482116d Version bump: 10.1.8.17rc5. 2018-08-19 01:28:58 +02:00
hackademix bb232e0895 More reliable attempt to run onResponseHeader listener the last of installed extension. 2018-08-18 22:52:34 +02:00
hackademix 3819592dfc [L10n] Updated ru (new) and de. 2018-08-18 22:46:29 +02:00
hackademix ee48e5c7d9 [XSS] Updated HTML events matching generation to use both latest Mozilla source code and archived data since Firefox ESR 52. 2018-08-18 15:25:03 +02:00
hackademix 6eee6147eb Version bump: 10.1.8.17rc4. 2018-08-18 11:33:24 +02:00
hackademix 8c8b959474
Merge pull request #13 from Lekensteyn/empty-tld-fixes 
Fix policy configuration for domains without dots
 2018-08-18 03:27:35 +02:00
hackademix 2f9c5299af Removed all references to RequestUtil.js and dependancies. 2018-08-18 03:20:33 +02:00
hackademix e959accb70 Hack: use top.name to store per-tab content-side configuration (e.g. unrestricted tab status). 2018-08-17 09:07:11 +02:00
hackademix 50d71ca381 [l10n] tr and br from Transifex. 2018-08-17 08:45:34 +02:00
hackademix 57d883d63e Policy serialization using the contentScripts API. 2018-08-16 23:43:36 +02:00
Peter Wu 49e34cd176 Fix policy configuration for domains without dots 
Make sure that hosts such as "_gateway" (from systemd nss-myhostname) or
"master" (a local domain from DHCP) can be configured in the popup.
 2018-08-15 18:40:48 +02:00
hackademix 2c75eedadd Version bump: 10.1.8.17rc3. 2018-08-13 01:37:45 +02:00
hackademix af4ec5c169 "High contrast appearance" option to override high contrast themes auto-detection. 2018-08-13 01:33:40 +02:00
hackademix 8caa2536bd Best effort to run webRequest.onHeaderReceived listener last (issue #6) 2018-08-07 09:53:01 +02:00
hackademix 2250d51aa4 Version bump: 10.1.8.17rc2. 2018-08-06 01:24:08 +02:00
hackademix 2990ca5f2c Fixed unlocalized NoScript Options title. 2018-08-06 01:23:59 +02:00
hackademix 99e8c8b09f Skip non-content windows when deferring startup page loading. 2018-08-01 19:07:37 +02:00
hackademix ce541c4a53 Broader detection of UTF-8 encoding in responses. 2018-08-01 18:53:38 +02:00
hackademix 9782ab02d5 Fixed inline scripts not being reported to UI (skriptimaahinen). 2018-08-01 18:13:39 +02:00
hackademix 76190a644e Improved support for debugging code removal in releases. 2018-08-01 17:48:45 +02:00
hackademix 140d8759cf Fixed startup race condition with pending request tracking. 2018-08-01 17:47:57 +02:00
hackademix bc834a034e Fixed updating NoScript reloads tabs with revoked temporary permissions. 2018-08-01 17:32:16 +02:00
hackademix a283ea1575 Version bump: 10.1.8.17rc1. 2018-07-28 23:52:06 +02:00
hackademix 6f710640fa Version bump: 10.1.8.16. 2018-07-28 14:44:22 +02:00
hackademix d64e480275 Fixed random stallings on page transitions. 2018-07-28 14:37:18 +02:00
hackademix 3eb5be743d Version bump: 10.1.8.16rc1. 2018-07-28 13:59:44 +02:00
hackademix c5b477457a Version bump: 10.1.8.15. 2018-07-28 12:58:47 +02:00
hackademix f82b1e376c Fixed browser action icon not being updated on BF cache navigation. 2018-07-28 12:50:30 +02:00
hackademix ca0273f9cd Version bump: 10.1.8.15rc1. 2018-07-28 12:42:51 +02:00
hackademix ff970df845 Version bump: 10.1.8.14. 2018-07-28 09:21:28 +02:00
hackademix 6e75750f45 Version bump: 10.1.8.13. 2018-07-28 09:16:30 +02:00
hackademix fdf4ff3a39 Fixed regression in NOSCRIPT elements emulation. 2018-07-28 09:10:31 +02:00
hackademix d39f68cb88 Version bump: 10.1.8.13rc1. 2018-07-28 09:09:26 +02:00
hackademix 3e6caf4f20 Version bump: 10.1.8.12. 2018-07-28 03:12:25 +02:00
hackademix 07a4e7ba30 Version bump: 10.1.8.11rc1. 2018-07-28 03:05:11 +02:00
hackademix 36cb28b842 Fixed some video streams not playing anymore. 2018-07-28 03:04:13 +02:00
hackademix 0b2691a775 Version bump: 10.1.8.10. 2018-07-28 02:24:41 +02:00
hackademix d45209060f Fixed window.stop() called in empty suframes. 2018-07-28 02:19:48 +02:00
hackademix 10d0809b74 Version bump: 10.1.8.10rc1. 2018-07-28 02:18:05 +02:00
hackademix 5c85ae8a8a Version bump: 10.1.8.9. 2018-07-27 11:10:37 +02:00
hackademix 21810063d0 Disable scripting in HTML-embedding objects where webglHook cannot run, if webgl not allowed. 2018-07-26 23:48:20 +02:00
hackademix 4e62643b33 Version bump: 10.1.8.9rc9. 2018-07-26 23:19:51 +02:00
hackademix d3cacf634f More edge cases covered in dynamic script injection. 2018-07-26 19:33:46 +02:00
hackademix a8a6dd4c7b Version bump: 10.1.8.9rc8. 2018-07-26 16:32:20 +02:00
hackademix 0f089105da Updated TLDs. 2018-07-26 11:45:55 +02:00
hackademix c41ec107cb [XSS] Updated HTML event attributes matching. 2018-07-26 11:45:30 +02:00
hackademix 1006f09de2 Fixed some resource loading feedback glitches. 2018-07-26 11:42:35 +02:00
hackademix 86d1390875 Version bump: 10.1.8.9rc7. 2018-07-26 11:28:27 +02:00
hackademix fb9619ec99 Merge branch 'master' of https://github.com/hackademix/noscript 
[L10n] Fixed little typos in it locale (SebastianoPistore)
 2018-07-25 14:43:30 +02:00
hackademix 51732dd2c0
Merge pull request #3 from SebastianoPistore/master 
Update ITA translation
 2018-07-25 14:41:12 +02:00
hackademix 5e5839c036 Version bump: 10.1.8.9rc6. 2018-07-25 14:38:18 +02:00
hackademix a46d085ff7 Fix for stalling embedded objects load on dynamic script injection. 2018-07-25 14:36:32 +02:00
hackademix d88a0cf6d7 Fixed infinite reload loops on scripting permissions mismatches. 2018-07-25 11:08:43 +02:00
hackademix 391c8b402a Version bump: 10.1.8.9rc5. 2018-07-25 10:39:14 +02:00
SebastianoPistore 952392b95c
Update ITA translation 
- fix little typos
 2018-07-25 10:14:20 +02:00
hackademix 8d6f963022 Work-around for serviceWorker loads bypassing webRequest. 2018-07-24 23:21:01 +02:00
hackademix ec79210bd1 [UI] More flexible CSS layout for preset buttons. 2018-07-24 23:19:53 +02:00
hackademix 32874841ca [XSS] Updated HTML events matching. 2018-07-24 23:19:03 +02:00
hackademix ea4703ecd7 Version bump: 10.1.8.9rc4. 2018-07-24 14:46:36 +02:00
hackademix 4302246ac0 More reliable handling of edge startup cases. 2018-07-22 19:14:54 +02:00
hackademix 81b3851256 Fixed dynamic script injection failing sometimes with "No matching message handler" error. 2018-07-22 17:10:05 +02:00
hackademix e7fcd76705 Updated TLDs. 2018-07-21 22:50:26 +02:00
hackademix fa45c1359e Version bump: 10.1.8.9rc3. 2018-07-21 15:44:48 +02:00
hackademix 163467f82b Fixed externally handled resources opened in popups being broken by dynamic script injection. 2018-07-20 23:35:43 +02:00
hackademix 570cf0456c Prevent multiple canScript content messages during the same page load. 2018-07-20 23:30:14 +02:00
hackademix 9382bbd911 Replaced unicode glyphs missing on some platforms and in the Tor Browser. 2018-07-20 16:19:49 +02:00
hackademix b1e4791d0a Version bump: 10.1.8.9rc2. 2018-07-20 16:03:56 +02:00
hackademix 580450b463 Refactor ContentMetadata into ResponseMetaData. 2018-07-19 01:04:35 +02:00
hackademix 0910566926 Removed useless work-around suggested in moz bug 1410755 which caused Tor Browser content process crashes. 2018-07-19 00:31:34 +02:00
hackademix c0fbf92cfa Version bump: 10.1.8.9rc1. 2018-07-19 00:07:18 +02:00
hackademix d872b70769 Version bump: 10.1.8.8. 2018-07-17 18:12:09 +02:00
hackademix 5a60d58d24 Prevent script injection from messing with content-disposition=attachment responses. 2018-07-17 12:10:17 +02:00
hackademix 493d40021a Version bump: 10.1.8.8rc1. 2018-07-17 12:03:48 +02:00
hackademix 58651ca4b4 Version bump: 10.1.8.7. 2018-07-17 00:14:23 +02:00
hackademix b807a8bf02 Version bump: 10.1.8.6. 2018-07-16 23:49:18 +02:00
hackademix 31b2f5bbd2 Fixed regression breaking meta refreshes with relative URLs. 2018-07-16 23:45:10 +02:00
hackademix 859cb65d82 Version bump: 10.1.8.6rc1. 2018-07-16 23:43:27 +02:00
hackademix 9e72e9321c Version bump: 10.1.8.5. 2018-07-16 17:34:16 +02:00
hackademix 37928bd2c3 Completed fix for quoted URLs confusing meta refresh emulation. 2018-07-16 17:24:54 +02:00
hackademix 909e96012c Version bump: 10.1.8.5rc1. 2018-07-16 17:23:50 +02:00
hackademix ad6187dfd8 Cosmetic bug fixes. 2018-07-16 15:55:01 +02:00
hackademix f6b7232857 Updated TLDs. 2018-07-16 15:53:55 +02:00
hackademix 4101c9087c Version bump: 10.1.8.4. 2018-07-16 15:53:10 +02:00
hackademix a8f1b80012 [l10n] Fixed es. 2018-07-16 15:52:26 +02:00
hackademix 72b2ecf47c Version bump: 10.1.8.3. 2018-07-16 12:23:19 +02:00
hackademix 25719ddc5e Fixed cleaning up reloadingTabs in StreamFilter.onstart() was still breaking some feeds sometimes. 2018-07-12 22:58:52 +02:00
hackademix 7e3decc8f4 [XSS] Fixed anti-HPP coalescing wrongly applied to POST requests causing JSON reduction optimization to choke on big payloads. 2018-07-12 18:58:57 +02:00
hackademix 8f6574661d Fixed first popup row not showing the initial site active preset. 2018-07-12 16:01:26 +02:00
hackademix 54dd9fa754 Removed deprecated windowType usages. 2018-07-12 15:58:42 +02:00
hackademix 66adf2720e Fixed meta-refresh emulation getting confused by quoted URLs. 2018-07-12 02:10:22 +02:00
hackademix a9e1051018 Version bump: 10.1.8.3rc11. 2018-07-12 02:09:21 +02:00
hackademix 5937dd5e08 Restored UNTRUSTED label localized string previously modified for testing. 2018-07-12 00:11:54 +02:00
hackademix 2bf06beae5 Autosize preset buttons final. 2018-07-12 00:04:53 +02:00
hackademix 9815e0f7cf Fixed race condition in work-around for broken feeds in ESR60. 2018-07-11 19:26:50 +02:00
hackademix 9a0a76ec3c Autosize preset buttons part 2. 2018-07-11 03:03:30 +02:00
hackademix 842caf7340 Made preset buttons automatically sized according to their (localized) content. 2018-07-11 00:53:25 +02:00
hackademix 74e20bb3eb Reload hack to let the RSS feed reader work on ESR60 2018-07-10 23:56:19 +02:00
hackademix d03e810f1b Changed "script count" into "blocked items count" in badge appearance option. 2018-07-10 15:47:44 +02:00
hackademix 3ae5cd55c9 Reverted <noscript> replacement to <span> over fingerprinting concerns. 2018-07-09 23:22:36 +02:00
hackademix 609a6fec3d Version bump: 10.1.8.3rc10. 2018-07-09 23:21:52 +02:00
hackademix 17a0426c32 More specific dynamic script injection exceptions. 2018-07-09 19:32:24 +02:00
hackademix c6882356d3 Fixed label sizes in de localized messages. 2018-07-09 19:30:49 +02:00
hackademix 7dfa2e640b Added two library files (one, lib/restricted.js, missing from rc8 tag) and version bump. 2018-07-09 19:29:23 +02:00
hackademix 103324e5d2 More graceful handling of internal and restricted URLs. 2018-07-09 01:36:28 +02:00
hackademix 5217db79ce Content-side DOM insertions made compatible with XML document. 2018-07-09 00:09:34 +02:00
hackademix dac392deda More specific content-type exception for dynamic script injection. 2018-07-09 00:08:26 +02:00
hackademix 48690ee92e Removed console.log() patching test code accidentally committed in media.js. 2018-07-08 22:27:53 +02:00
hackademix 10d4986b7a Added de, es, fr, it, nl, pt_BR and zh_CN locales (courtesy of Mozilla's localization campaign). 2018-07-08 22:22:54 +02:00
hackademix 183f0bc100 Truncate preset labels which exceed the button size, accomodating for longer localized strings. 2018-07-08 22:20:24 +02:00
hackademix df24338a04 Use a custom <no-script> element as <NOSCRIPT> replacement. 2018-07-08 14:07:08 +02:00
hackademix 20f80666fe Version bump: 10.1.8.3rc8. 2018-07-08 10:20:13 +02:00
hackademix cf1b413bff Fixed <NOSCRIPT> replacements to be inline elements. 2018-07-08 10:02:11 +02:00
hackademix 0ad5f95eb4 Fixed dynamic script injection breaking images shown as frame content. 2018-07-07 01:28:20 +02:00
hackademix 093b9d724e Work-around for onload not being fired on XML documents in Tor Browser/ESR60. 2018-07-06 04:01:44 +02:00
hackademix 799d99bd10 Version bump to 10.1.8.3rc7. 2018-07-06 01:01:22 +02:00
hackademix 1ee85084f7 More informative / useful popup on (semi)privileged pages. 2018-07-06 00:59:12 +02:00
hackademix 57eaa94dde Backport dynamic script injection to Tor Browser / Fx ESR60. 2018-07-03 19:36:39 +02:00
hackademix 8ae9513f75 Provide a uuid function fallback which doesn't fail in the Tor Browser. 2018-07-03 19:35:33 +02:00
hackademix 5c71c94a13 Version bumb to 10.1.8.3rc6. 2018-07-03 19:32:45 +02:00
hackademix e2a8c5768f XSS filter autoupdated to latest HTML events supported by the browser 2018-07-03 17:06:46 +02:00
hackademix e0ae64871e Fixed regression: dynamic script injection breaking images loaded as frame content. 2018-07-03 17:02:58 +02:00
hackademix 81bd93a72d Simplified and apparently more reliable+flexible+efficient dynamic script injection method. 2018-07-02 01:50:32 +02:00
hackademix eceae7187a Initial commit starting at version 10.1.8.3rc4. 2018-07-01 01:01:23 +02:00