NoScript Security Suite Version History

847 versions

Be careful with old versions!

These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.

Version 2.0.9.8rc1 497.7 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b3

v 2.0.9.8rc1
==========================================================================
x [UI] Fixed toolbar button being added on the right of the window resizer
when Fx 4 is run for the first time with NoScript and the add-on bar is
visible
+ [UI] Hitting the "show UI" shortcut (ctrl+shift+S) a second time
dismisses NoScript's popup menu (thanks jso for RFE)
x Restored header reordering after DNT header is added, in order to match
Firefox 4's header fingerprint

Version 2.0.9.7 496.6 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b3

v 2.0.9.7
==========================================================================
x Fixed status label menu popping up in a wrong position
x Updated locales

v 2.0.9.7rc5
==========================================================================
x Fixed external filters submenu not removed when external filters are
disabled
x Blocked objects menus show IFRAME/FRAME rather than mime type info for
blocked frames (thanks al_9x for suggestion)
+ Restored legacy status label by popular request
+ Sticky menu can be triggered by left clicking on status label now

v 2.0.9.7rc4
==========================================================================
x Work-around for menu icons hidden with some Linux distros and themes
(thanks nickr for reporting)
x Changed the X-Do-Not-Track header name to DNT in anticipation of an IETF
Internet-Draft, per Jonathan Mayer
x noscript.doNotTrack.forced gets honored for local addresses now (thanks
Heptite for RFE)
x Fixed partial external filter definition could not be saved
x Fixed empty external filter whitelist could not be validated

v 2.0.9.7rc3
==========================================================================
x Fixed exception on cross-site POST requests from URIs not supporting
the host component (thanks JeffCO for reporting)
x Fixed JS redirection detection being activated also on whitelisted
pages sometimes (thanks scratchpaper for reporting)

v 2.0.9.7rc2
==========================================================================
+ 64x64 icon for Fx 4's add-ons manager
x Fixed bookmarklet execution machinery active even when JavaScript is
disabled by Firefox's content options (thanks Martin Focke foir report)
x Tentative work-around for toolbar button being oriented vertically in
some themes, disrupting toolbar's layout
x More updated locales

v 2.0.9.7rc1
==========================================================================
x Fixed a ClearClick bypass possible to whitelisted attackers who can run
JavaScript (thanks Atul Agarwal for reporting)
x Updated locales
x Improved K-Meleon portability (thanks jk- for RFE)

Version 2.0.9.7rc6 496.6 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.7rc6 (same as 2.0.9.7 final)
==========================================================================
x Fixed status label menu popping up in a wrong position
x Updated locales

v 2.0.9.7rc5
==========================================================================
x Fixed external filters submenu not removed when exteral filters are
disabled
x Blocked objects menus show IFRAME/FRAME rather than mime type info for
blocked frames (thanks al_9x for suggestion)
+ Restored legacy status label by popular request
+ Sticky menu can be triggered by left clicking on status label now

v 2.0.9.7rc4
==========================================================================
x Work-around for menu icons hidden with some Linux distros and themes
(thanks nickr for reporting)
x Changed the X-Do-Not-Track header name to DNT in anticipation of an IETF
Internet-Draft, per Jonathan Mayer
x noscript.doNotTrack.forced gets honored for local addresses now (thanks
Heptite for RFE)
x Fixed partial external filter definition could not be saved
x Fixed empty external filter whitelist could not be validated

v 2.0.9.7rc3
==========================================================================
x Fixed exception on cross-site POST requests from URIs not supporting
the host component (thanks JeffCO for reporting)
x Fixed JS redirection detection being activated also on whitelisted
pages sometimes (thanks scratchpaper for reporting)

v 2.0.9.7rc2
==========================================================================
+ 64x64 icon for Fx 4's add-ons manager
x Fixed bookmarklet execution machinery active even when JavaScript is
disabled by Firefox's content options (thanks Martin Focke foir report)
x Tentative work-around for toolbar button being oriented vertically in
some themes, disrupting toolbar's layout
x More updated locales

v 2.0.9.7rc1
==========================================================================
x Fixed a ClearClick bypass possible to whitelisted attackers who can run
JavaScript (thanks Atul Agarwal for reporting)
x Updated locales
x Improved K-Meleon portability (thanks jk- for RFE)

Version 2.0.9.7rc5 496.6 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.7rc5
==========================================================================
x Fixed external filters submenu not removed when exteral filters are
disabled
x Blocked objects menus show IFRAME/FRAME rather than mime type info for
blocked frames (thanks al_9x for suggestion)
+ Restored legacy status label by popular request
+ Sticky menu can be triggered by left clicking on status label now

Version 2.0.9.7rc4 496.6 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.7rc4
==========================================================================
x Work-around for menu icons hidden with some Linux distros and themes
(thanks nickr for reporting)
x Changed the X-Do-Not-Track header name to DNT in anticipation of an IETF
Internet-Draft, per Jonathan Mayer
x noscript.doNotTrack.forced gets honored for local addresses now (thanks
Heptite for RFE)
x Fixed partial external filter definition could not be saved
x Fixed empty external filter whitelist could not be validated

v 2.0.9.7rc3
==========================================================================
x Fixed exception on cross-site POST requests from URIs not supporting
the host component (thanks JeffCO for reporting)
x Fixed JS redirection detection being activated also on whitelisted
pages sometimes (thanks scratchpaper for reporting)

v 2.0.9.7rc2
==========================================================================
+ 64x64 icon for Fx 4's add-ons manager
x Fixed bookmarklet execution machinery active even when JavaScript is
disabled by Firefox's content options (thanks Martin Focke foir report)
x Tentative work-around for toolbar button being oriented vertically in
some themes, disrupting toolbar's layout
x More updated locales

v 2.0.9.7rc1
==========================================================================
x Fixed a ClearClick bypass possible to whitelisted attackers who can run
JavaScript (thanks Atul Agarwal for reporting)
x Updated locales
x Improved K-Meleon portability (thanks jk- for RFE)

Version 2.0.9.7rc3 495.6 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.7rc3
==========================================================================
x Fixed exception on cross-site POST requests from URIs not supporting
the host component (thanks JeffCO for reporting)
x Fixed JS redirection detection being activated also on whitelisted
pages sometimes (thanks scratchpaper for reporting)

v 2.0.9.7rc2
==========================================================================
+ 64x64 icon for Fx 4's add-ons manager
x Fixed bookmarklet execution machinery active even when JavaScript is
disabled by Firefox's content options (thanks Martin Focke foir report)
x Tentative work-around for toolbar button being oriented vertically in
some themes, disrupting toolbar's layout
x More updated locales

v 2.0.9.7rc1
==========================================================================
x Fixed a ClearClick bypass possible to whitelisted attackers who can run
JavaScript (thanks Atul Agarwal for reporting)
x Updated locales
x Improved K-Meleon portability (thanks jk- for RFE)

Version 2.0.9.7rc1 486.4 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.7rc1
==========================================================================
x Fixed a ClearClick bypass possible to whitelisted attackers who can run
JavaScript (thanks Atul Agarwal for reporting)
x Updated locales
x Improved K-Meleon portability (thanks jk- for RFE)

Version 2.0.9.6 482.3 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.6
==========================================================================
x X-Do-Not-Track after a DNS cache miss causing some embedded content
requests to fail
+ Contribution button on the bottom of the Options dialog

v 2.0.9.5
==========================================================================
x Fixed NoScript toolbar buttons having wrong orientation in "icon and
text" mode

v 2.0.9.4
==========================================================================
x Fixed toolbar button does not open the menu (unless you click the little
arrow) if you disable hovering and toggling (thanks bleh for report)
- Removed dynamic localization fallback at runtime
+ Added static localization fallback to the build system
x Localization layout cleanup
x Legacy files cleanup

v 2.0.9.4rc2
==========================================================================
x Removed toolbarbutton-specific stylings
+ Better web compatibility for X-Content-Options
+ Better home router compatibility for X-Do-Not-Track

v 2.0.9.4rc1
==========================================================================
x Fixed DoNotTrack exceptions/forced patterns not being enforced
x Tentative work-around for basic HTTP authentication failing with some
servers when X-Do-Not-Track is sent

Version 2.0.9.6rc1 482.3 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.6rc1 (same as 2.0.9.6 final)
==========================================================================
x X-Do-Not-Track after a DNS cache miss causing some embedded content
requests to fail

Version 2.0.9.4rc3 482.3 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.4rc3
==========================================================================
x Fixed toolbar button does not open the menu (unless you click the little
arrow) if you disable hovering and toggling (thanks bleh for report)
- Removed dynamic localization fallback at runtime
+ Added static localization fallback to the build system
x Localization layout cleanup
x Legacy files cleanup

v 2.0.9.4rc2
==========================================================================
x Removed toolbarbutton-specific stylings
+ Better web compatibility for X-Content-Options
+ Better home router compatibility for X-Do-Not-Track

v 2.0.9.4rc1
==========================================================================
x Fixed DoNotTrack exceptions/forced patterns not being enforced
x Tentative work-around for basic HTTP authentication failing with some
servers when X-Do-Not-Track is sent

Version 2.0.9.3 484.4 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.3
==========================================================================
x Fixed some cross-site requests containing JSON-like fragments broken

Version 2.0.9.3rc1 484.4 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

2.0.9.3rc1
==========================================================================
x Fixed some cross-site requests containing JSON-like fragments broken

Version 2.0.9.2 484.4 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.2
==========================================================================
x Fixed forbid META refresh inside NOSCRIPT elements regression

v 2.0.9.1
==========================================================================
x Fixed partial options dialog breakage (ClearClick and Import/Export)

v 2.0.9
==========================================================================
- Removed JAR blocking (obsolete in supported browser versions)
- Removed emulated TLD service
x Hidden status bar icon option on applications which have no status bar
x Fixed noscript.doNotTrack.* preferences not being honored

v 2.0.9rc5
==========================================================================
x Fixed wrong popup position on status bar icon (Fx 3.6.x and below only)

v 2.0.9rc4
==========================================================================
+ X-Do-Not-Track and X-Behavioral-Ad-Opt-Out (tracking opt-out) support,
controlled by the noscript.doNotTrack.* about:config preferences
x Restored "left+click on NoScript icon reopens the menu in legacy mode
even if it's already opened in hover mode" feature
x Fixed bug preventing channel replacement when the HTTP method changes
+ Embedded permissions are now bound to the embedding site (thanks al_9x
for RFE)
x Fixed permissions keys for Flash embeddings include FlashVars PARAMETER
elements, rather than just attributes (thanks breakBug for report)
x Fixed embedding permission changes not honoring disabled autoreload
preferences (thanks MMlosh for reporting)

v 2.0.9rc3
==========================================================================
+ Middle clicking toolbar button temporarily allows all on current page
- Removed forced embedding opacization legacy feature
- Removed tooltips from icons spawning hover UI
- Disabled permission toggling on left+click for hover UI toolbar buttons
(can be reenabled by setting noscript.hoverUI.excludeToggling to true)
x Fixed notification regression

v 2.0.9rc2
==========================================================================
x No extra spacer added on addon-bar during first customization
x Long menus automatically scroll to the bottom when opened from the
bottom of the browser
x Fixed legacy status bar icon switching permissions on left+click like
the toolbar button
x Fixed legacy status bar icon always getting "after_start" popup position

v 2.0.9rc1
==========================================================================
+ Improved anti-popunder surrogate
+ Check for UI accessibility of Firefox 4 with hidden addon-bar and
automatic installation of toolbar button on fail
x Fixed whitelisted iframe blocking getting in the way of web content
embedded by privileged tabs (e.g. Firefox 4's add-on manager)
x [ClearClick] slightly shorter viewport to accomodate Facebook's "Like"
mini buttons
x Fixed tooltips getting in the way of hover UI
- Removed status bar label
x Fixed regression: permissions changes on sites with non-standard ports
failed to trigger page reload (thanks Andrew Black for reporting)
x Fixed layout issue triggered by JS redirect detection (thanks Teknorat
for reporting)

Version 2.0.9.2rc1 484.4 kB Works with Firefox 3.0 and later, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.2rc1 (same as 2.0.9.2 final)
==========================================================================
x Fixed forbid META refresh inside NOSCRIPT elements regression

v 2.0.9.1rc1 (same as 2.0.9.1 final)
==========================================================================
x Fixed partial options dialog breakage (ClearClick and Import/Export)

v 2.0.9rc6
==========================================================================
- Removed JAR blocking (obsolete in supported browser versions)
- Removed emulated TLD service
x Hidden status bar icon option on applications which have no status bar
x Fixed noscript.doNotTrack.* preferences not being honored

v 2.0.9rc5
==========================================================================
x Fixed wrong popup position on status bar icon (Fx 3.6.x and below only)

v 2.0.9rc4
==========================================================================
+ X-Do-Not-Track and X-Behavioral-Ad-Opt-Out (tracking opt-out) support,
controlled by the noscript.doNotTrack.* about:config preferences
x Restored "left+click on NoScript icon reopens the menu in legacy mode
even if it's already opened in hover mode" feature
x Fixed bug preventing channel replacement when the HTTP method changes
+ Embedded permissions are now bound to the embedding site (thanks al_9x
for RFE)
x Fixed permissions keys for Flash embeddings include FlashVars PARAMETER
elements, rather than just attributes (thanks breakBug for report)
x Fixed embedding permission changes not honoring disabled autoreload
preferences (thanks MMlosh for reporting)

v 2.0.9rc3
==========================================================================
+ Middle clicking toolbar button temporarily allows all on current page
- Removed forced embedding opacization legacy feature
- Removed tooltips from icons spawning hover UI
- Disabled permission toggling on left+click for hover UI toolbar buttons
(can be reenabled by setting noscript.hoverUI.excludeToggling to true)
x Fixed notification regression

v 2.0.9rc2
==========================================================================
x No extra spacer added on addon-bar during first customization
x Long menus automatically scroll to the bottom when opened from the
bottom of the browser
x Fixed legacy status bar icon switching permissions on left+click like
the toolbar button
x Fixed legacy status bar icon always getting "after_start" popup position

v 2.0.9rc1
==========================================================================
+ Improved anti-popunder surrogate
+ Check for UI accessibility of Firefox 4 with hidden addon-bar and
automatic installation of toolbar button on fail
x Fixed whitelisted iframe blocking getting in the way of web content
embedded by privileged tabs (e.g. Firefox 4's add-on manager)
x [ClearClick] slightly shorter viewport to accomodate Facebook's "Like"
mini buttons
x Fixed tooltips getting in the way of hover UI
- Removed status bar label
x Fixed regression: permissions changes on sites with non-standard ports
failed to trigger page reload (thanks Andrew Black for reporting)
x Fixed layout issue triggered by JS redirect detection (thanks Teknorat
for reporting)

Version 2.0.9.1rc1 484.4 kB Works with Firefox 3.0 - 4.0b9pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9.1rc1 (same as 2.0.9.1 final)
==========================================================================
x Fixed partial options dialog breakage (ClearClick and Import/Export)

v 2.0.9rc6
==========================================================================
- Removed JAR blocking (obsolete in supported browser versions)
- Removed emulated TLD service
x Hidden status bar icon option on applications which have no status bar
x Fixed noscript.doNotTrack.* preferences not being honored

v 2.0.9rc5
==========================================================================
x Fixed wrong popup position on status bar icon (Fx 3.6.x and below only)

v 2.0.9rc4
==========================================================================
+ X-Do-Not-Track and X-Behavioral-Ad-Opt-Out (tracking opt-out) support,
controlled by the noscript.doNotTrack.* about:config preferences
x Restored "left+click on NoScript icon reopens the menu in legacy mode
even if it's already opened in hover mode" feature
x Fixed bug preventing channel replacement when the HTTP method changes
+ Embedded permissions are now bound to the embedding site (thanks al_9x
for RFE)
x Fixed permissions keys for Flash embeddings include FlashVars PARAMETER
elements, rather than just attributes (thanks breakBug for report)
x Fixed embedding permission changes not honoring disabled autoreload
preferences (thanks MMlosh for reporting)

v 2.0.9rc3
==========================================================================
+ Middle clicking toolbar button temporarily allows all on current page
- Removed forced embedding opacization legacy feature
- Removed tooltips from icons spawning hover UI
- Disabled permission toggling on left+click for hover UI toolbar buttons
(can be reenabled by setting noscript.hoverUI.excludeToggling to true)
x Fixed notification regression

v 2.0.9rc2
==========================================================================
x No extra spacer added on addon-bar during first customization
x Long menus automatically scroll to the bottom when opened from the
bottom of the browser
x Fixed legacy status bar icon switching permissions on left+click like
the toolbar button
x Fixed legacy status bar icon always getting "after_start" popup position

v 2.0.9rc1
==========================================================================
+ Improved anti-popunder surrogate
+ Check for UI accessibility of Firefox 4 with hidden addon-bar and
automatic installation of toolbar button on fail
x Fixed whitelisted iframe blocking getting in the way of web content
embedded by privileged tabs (e.g. Firefox 4's add-on manager)
x [ClearClick] slightly shorter viewport to accomodate Facebook's "Like"
mini buttons
x Fixed tooltips getting in the way of hover UI
- Removed status bar label
x Fixed regression: permissions changes on sites with non-standard ports
failed to trigger page reload (thanks Andrew Black for reporting)
x Fixed layout issue triggered by JS redirect detection (thanks Teknorat
for reporting)

Version 2.0.9rc6 484.4 kB Works with Firefox 3.0 - 4.0b9pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9rc6 (same as 2.0.9 final)
==========================================================================
- Removed JAR blocking (obsolete in supported browser versions)
- Removed emulated TLD service
x Hidden status bar icon option on applications which have no status bar
x Fixed noscript.doNotTrack.* preferences not being honored

v 2.0.9rc5
==========================================================================
x Fixed wrong popup position on status bar icon (Fx 3.6.x and below only)

v 2.0.9rc4
==========================================================================
+ X-Do-Not-Track and X-Behavioral-Ad-Opt-Out (tracking opt-out) support,
controlled by the noscript.doNotTrack.* about:config preferences
x Restored "left+click on NoScript icon reopens the menu in legacy mode
even if it's already opened in hover mode" feature
x Fixed bug preventing channel replacement when the HTTP method changes
+ Embedded permissions are now bound to the embedding site (thanks al_9x
for RFE)
x Fixed permissions keys for Flash embeddings include FlashVars PARAMETER
elements, rather than just attributes (thanks breakBug for report)
x Fixed embedding permission changes not honoring disabled autoreload
preferences (thanks MMlosh for reporting)

v 2.0.9rc3
==========================================================================
+ Middle clicking toolbar button temporarily allows all on current page
- Removed forced embedding opacization legacy feature
- Removed tooltips from icons spawning hover UI
- Disabled permission toggling on left+click for hover UI toolbar buttons
(can be reenabled by setting noscript.hoverUI.excludeToggling to true)
x Fixed notification regression

v 2.0.9rc2
==========================================================================
x No extra spacer added on addon-bar during first customization
x Long menus automatically scroll to the bottom when opened from the
bottom of the browser
x Fixed legacy status bar icon switching permissions on left+click like
the toolbar button
x Fixed legacy status bar icon always getting "after_start" popup position

v 2.0.9rc1
==========================================================================
+ Improved anti-popunder surrogate
+ Check for UI accessibility of Firefox 4 with hidden addon-bar and
automatic installation of toolbar button on fail
x Fixed whitelisted iframe blocking getting in the way of web content
embedded by privileged tabs (e.g. Firefox 4's add-on manager)
x [ClearClick] slightly shorter viewport to accomodate Facebook's "Like"
mini buttons
x Fixed tooltips getting in the way of hover UI
- Removed status bar label
x Fixed regression: permissions changes on sites with non-standard ports
failed to trigger page reload (thanks Andrew Black for reporting)
x Fixed layout issue triggered by JS redirect detection (thanks Teknorat
for reporting)

Version 2.0.9rc5 501.8 kB Works with Firefox 3.0 - 4.0b9pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9rc5
==========================================================================
x Fixed wrong popup position on status bar icon (Fx 3.6.x and below only)

v 2.0.9rc4
==========================================================================
+ X-Do-Not-Track and X-Behavioral-Ad-Opt-Out (tracking opt-out)support,
controlled by the noscript.doNotTrack.* about:config preferences
x Restored "left+click on NoScript icon reopens the menu in legacy mode
even if it's already opened in hover mode" feature
x Fixed bug preventing channel replacement when the HTTP method changes
+ Embedded permissions are now bound to the embedding site (thanks al_9x
for RFE)
x Fixed permissions keys for Flash embeddings include FlashVars PARAMETER
elements, rather than just attributes (thanks breakBug for report)
x Fixed embedding permission changes not honoring disabled autoreload
preferences (thanks MMlosh for reporting)

v 2.0.9rc3
==========================================================================
+ Middle clicking toobar button allows all on current page
- Removed forced embedding opacization legacy feature
- Removed tooltips from icons spawning hover UI
- Disabled permission toggling on left+click for hover UI toolbar buttons
(can be reenabled by setting noscript.hoverUI.excludeToggling to true)
x Fixed notification regression

v 2.0.9rc2
==========================================================================
x No extra spacer added on addon-bar during first customization
x Long menus automatically scroll to the bottom when opened from the
bottom of the browser
x Fixed legacy status bar icon switching permissions on left+click like
the toolbar button
x Fixed legacy status bar icon always getting "after_start" popup position

v 2.0.9rc1
==========================================================================
+ Improved anti-popunder surrogate
+ Check for UI accessibility of Firefox 4 with hidden addon-bar and
automatic installation of toolbar button on fail
x Fixed whitelisted iframe blocking getting in the way of web content
embedded by privileged tabs (e.g. Firefox 4's add-on manager)
x [ClearClick] slightly shorter viewport to accomodate Facebook's "Like"
mini buttons
x Fixed tooltips getting in the way of hover UI
- Removed status bar label
x Fixed regression: permissions changes on sites with non-standard ports
failed to trigger page reload (thanks Andrew Black for reporting)
x Fixed layout issue triggered by JS redirect detection (thanks Teknorat
for reporting)

Version 2.0.9rc3 502.8 kB Works with Firefox 3.0 - 4.0b9pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9rc3
==========================================================================
+ Middle clicking toobar button allows all on current page
- Removed forced embedding opacization legacy feature
- Removed tooltips from icons spawning hover UI
- Disabled permission toggling on left+click for hover UI toolbar buttons
(can be reenabled by setting noscript.hoverUI.excludeToggling to true)
x Fixed notification regression

v 2.0.9rc2
==========================================================================
x No extra spacer added on addon-bar during first customization
x Long menus automatically scroll to the bottom when opened from the
bottom of the browser
x Fixed legacy status bar icon switching permissions on left+click like
the toolbar button
x Fixed legacy status bar icon always getting "after_start" popup position

v 2.0.9rc1
==========================================================================
+ Improved anti-popunder surrogate
+ Check for UI accessibility of Firefox 4 with hidden addon-bar and
automatic installation of toolbar button on fail
x Fixed whitelisted iframe blocking getting in the way of web content
embedded by privileged tabs (e.g. Firefox 4's add-on manager)
x [ClearClick] slightly shorter viewport to accomodate Facebook's "Like"
mini buttons
x Fixed tooltips getting in the way of hover UI
- Removed status bar label
x Fixed regression: permissions changes on sites with non-standard ports
failed to trigger page reload (thanks Andrew Black for reporting)
x Fixed layout issue triggered by JS redirect detection (thanks Teknorat
for reporting)

Version 2.0.9rc2 504.8 kB Works with Firefox 3.0 - 4.0b9pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.9rc2
==========================================================================
x No extra spacer added on addon-bar during first customization
x Long menus automatically scroll to the bottom when opened from the
bottom of the browser
x Fixed legacy status bar icon switching permissions on left+click like
the toolbar button
x Fixed legacy status bar icon always getting "after_start" popup position

v 2.0.9rc1
==========================================================================
+ Improved anti-popunder surrogate
+ Check for UI accessibility of Firefox 4 with hidden addon-bar and
automatic installation of toolbar button on fail
x Fixed whitelisted iframe blocking getting in the way of web content
embedded by privileged tabs (e.g. Firefox 4's add-on manager)
x [ClearClick] slightly shorter viewport to accomodate Facebook's "Like"
mini buttons
x Fixed tooltips getting in the way of hover UI
- Removed status bar label
x Fixed regression: permissions changes on sites with non-standard ports
failed to trigger page reload (thanks Andrew Black for reporting)
x Fixed layout issue triggered by JS redirect detection (thanks Teknorat
for reporting)

Version 2.0.9rc1 504.8 kB Works with Firefox 3.0 - 4.0b9pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2


v 2.0.9rc1
==========================================================================
+ Improved anti-popunder surrogate
+ Check for UI accessibility of Firefox 4 with hidden addons-bar and
automatic installation of toolbar button on fail
x Fixed whitelisted iframe blocking getting in the way of web content
embedded by privileged tabs (e.g. Firefox 4's add-on manager)
x [ClearClick] slightly shorter viewport to accomodate Facebook's "Like"
mini buttons
x Fixed tooltips getting in the way of hover UI
- Removed status bar label
x Fixed regression: permissions changes on sites with non-standard ports
failed to trigger page reload (thanks Andrew Black for reporting)
x Fixed layout issue triggered by JS redirect detection (thanks Teknorat
for reporting)

Version 2.0.8.1 504.8 kB Works with Firefox 3.0 - 4.0b9pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.8.1
==========================================================================
x Fixed new IFRAME-based Youtube embedding method broken on non
whitelisted pages with embedding restrictions (thanks al_9x for report)

v 2.0.8
==========================================================================
x Fixed toolbar buttons icon size on Firefox 4 Windows theme
+ XSS check on permissions changes, suppressing events and forcing
filtered reload if an injection is found (thanks "dave b" for reporting)
x Fixed graphic glitches on menu showing with accelerated graphics (thanks
Das for reporting)
x Fixed permission changes causing unrelated tabs to be reloaded when
automatic permissions had been previously granted

v 2.0.8rc2
==========================================================================
x Fixed unhandled exception caused by LiveConnect interception logging (
thanks al_9x for reporting)
x Optimized QueryInterface generation
+ [ABE] 6to4 IP addresses support
x Fixed LiveConnect interception firing a dummy JVM sometimes on Gecko 2.0

v 2.0.8rc1
==========================================================================
x LiveConnect interception time reduced by 10 on Firefox 3.6 and by 100 on
Firefox 4 (about 1ms each)
x Restored LiveConnect interception logging (LOG_CONTENT_INTERCEPT mask)
x Fixed bug in fake redirections code, causing it not to honor the
redirection limit settings (thanks Peter Eckersley)
x [XSS] Improved SQLXSSI detection accuracy
x Updated revsci surrogate (thanks al_9x)

Version 2.0.8.1rc1 504.8 kB Works with Firefox 3.0 - 4.0b9pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.8.1rc1 (same as 2.0.8.1 final)
==========================================================================
x Fixed new IFRAME-based Youtube embedding method broken on non
whitelisted pages with embedding restrictions (thanks al_9x for report)

v 2.0.8rc3 (same as 2.0.8 final)
==========================================================================
x Fixed toolbar buttons icon size on Firefox 4 Windows theme
+ XSS check on permissions changes, suppressing events and forcing
filtered reload if an injection is found (thanks "dave b" for reporting)
x Fixed graphic glitches on menu showing with accelerated graphics (thanks
Das for reporting)
x Fixed permission changes causing unrelated tabs to be reloaded when
automatic permissions had been previously granted

v 2.0.8rc2
==========================================================================
x Fixed unhandled exception caused by LiveConnect interception logging (
thanks al_9x for reporting)
x Optimized QueryInterface generation
+ [ABE] 6to4 IP addresses support
x Fixed LiveConnect interception firing a dummy JVM sometimes on Gecko 2.0

v 2.0.8rc1
==========================================================================
x LiveConnect interception time reduced by 10 on Firefox 3.6 and by 100 on
Firefox 4 (about 1ms each)
x Restored LiveConnect interception logging (LOG_CONTENT_INTERCEPT mask)
x Fixed bug in fake redirections code, causing it not to honor the
redirection limit settings (thanks Peter Eckersley)
x [XSS] Improved SQLXSSI detection accuracy
x Updated revsci surrogate (thanks al_9x)

Version 2.0.8rc3 503.8 kB Works with Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.8rc3 (same as 2.0.8 final)
==========================================================================
x Fixed toolbar buttons icon size on Firefox 4 Windows theme
+ XSS check on permissions changes, suppressing events and forcing
filtered reload if an injection is found (thanks "dave b" for reporting)
x Fixed graphic glitches on menu showing with accelerated graphics (thanks
Das for reporting)
x Fixed permission changes causing unrelated tabs to be reloaded when
automatic permissions had been previously granted

v 2.0.8rc2
==========================================================================
x Fixed unhandled exception caused by LiveConnect interception logging (
thanks al_9x for reporting)
x Optimized QueryInterface generation
+ [ABE] 6to4 IP addresses support
x Fixed LiveConnect interception firing a dummy JVM sometimes on Gecko 2.0

v 2.0.8rc1
==========================================================================
x LiveConnect interception time reduced by 10 on Firefox 3.6 and by 100 on
Firefox 4 (about 1ms each)
x Restored LiveConnect interception logging (LOG_CONTENT_INTERCEPT mask)
x Fixed bug in fake redirections code, causing it not to honor the
redirection limit settings (thanks Peter Eckersley)
x [XSS] Improved SQLXSSI detection accuracy
x Updated revsci surrogate (thanks al_9x)

Version 2.0.8rc2 503.8 kB Works with Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.8rc2
==========================================================================
x Fixed unhandled exception caused by LiveConnect interception logging (
thanks al_9x for reporting)
x Optimized QueryInterface generation
x [ABE] 6to4 IP addresses support
x Fixed LiveConnect interception firing a dummy JVM sometimes on Gecko 2.0

v 2.0.8rc1
==========================================================================
x LiveConnect interception time reduced by 10 on Firefox 3.6 and by 100 on
Firefox 4 (about 1ms each)
x Restored LiveConnect interception logging (LOG_CONTENT_INTERCEPTI mask)
x Fixed bug in fake redirections code, causing it not to honor the
redirection limit settings (thanks Peter Eckersley)
x [XSS] Improved SQLXSSI detection accuracy
x Updated revsci surrogate (thanks al_9x)

Version 2.0.8rc1 503.8 kB Works with Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.8rc1
==========================================================================
x LiveConnect interception time reduced by 10 on Firefox 3.6 and by 100 on
Firefox 4 (about 1ms each)
x Restored LiveConnect interception logging (LOG_CONTENT_INTERCEPTI mask)
x Fixed bug in fake redirections code, causing it not to honor the
redirection limit settings (thanks Peter Eckersley)
x [XSS] Improved SQLXSSI detection accuracy
x Updated revsci surrogate (thanks al_9x)

Version 2.0.7 502.8 kB Works with Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.7
==========================================================================
+ [XSS] Detection and filtering of hexadecimal and binary encoded
reflected XSS through SQL injection (SQLXSSI), partially found and
disclosed (raw hexadecimal variant only) by Aditya K Sood

v 2.0.6
==========================================================================
+ Bug fixes and improvements in LiveConnect interception
x Fixed random "win is null" error message (thanks timeless for report)

v 2.0.6rc4
==========================================================================
+ Java packages exposed by LiveConnect on the window object are made
unaccessible wherever Java is blocked by embedding restrictions

v 2.0.6rc3
==========================================================================
x [ABE] Work-around for Flash video playback and other HTTP subrequests
from plugins sometimes failing on latest Minefield builds

v 2.0.6rc2
==========================================================================
x [ABE] Fixed 2.0.6rc1 regression: broken internal redirections

v 2.0.6rc1
==========================================================================
+ "Security and privacy info" pages shown also by middle-clicking items
in NoScript Options|Whitelist (thanks dhouwn for RFE)
x [XSS] Better compatibility with 4shared embedded movies
x [ABE] Fixed regression: Anon action interfering with IFrame blocking
when DNS record for current request is cached (thanks al_9x for report)

Version 2.0.7rc1 503.8 kB Works with Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.7rc1
==========================================================================
+ [XSS] Detection and filtering of hexadecimal and binary encoded
reflected XSS through MySQL injection, partially found and disclosed
(raw hexadecimal variant only) by Aditya K Sood

Version 2.0.6rc5 498.7 kB Works with Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.6rc5 (identical to 2.0.6 final)
==========================================================================
+ Bug fixes and improvements in LiveConnect interception
x Fixed random "win is null" error message (thanks timeless for report)

v 2.0.6rc4
==========================================================================
+ Java packages exposed by LiveConnect on the window object are made
unaccessible wherever Java is blocked by embedding restrictions

v 2.0.6rc3
==========================================================================
x [ABE] Work-around for Flash video playback and other HTTP subrequests
from plugins sometimes failing on latest Minefield builds

v 2.0.6rc2
==========================================================================
x [ABE] Fixed 2.0.6rc1 regression: broken internal redirections

v 2.0.6rc1
==========================================================================
+ "Security and privacy info" pages shown also by middle-clicking items
in NoScript Options|Whitelist (thanks dhown for RFE)
x [XSS] Better compatibility with 4shared embedded movies
x [ABE] Fixed regression: Anon action interfering with IFrame blocking
when DNS record for current request is cached (thanks al_9x for report)

Version 2.0.6rc4 498.7 kB Works with Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

2.0.6rc4
==========================================================================
+ Java packages exposed by LiveConnect on the window object are made
unaccessible wherever Java is blocked by embedding restrictions

2.0.6rc3
==========================================================================
x [ABE] Work-around for Flash video playback and other HTTP subrequests
from plugins sometimes failing on latest Minefield builds

2.0.6rc2
==========================================================================
x [ABE] Fixed 2.0.6rc1 regression: broken internal redirections

2.0.6rc1
==========================================================================
+ "Security and privacy info" pages shown also by middle-clicking items
in NoScript Options|Whitelist (thanks dhown for RFE)
x [XSS] Better compatibility with 4shared embedded movies
x [ABE] Fixed regression: Anon action interfering with IFrame blocking
when DNS record for current request is cached (thanks al_9x for report)

Version 2.0.6rc3 498.7 kB Works with Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

2.0.6rc3
==========================================================================
x [ABE] Work-around for Flash video playback and other HTTP subrequests
from plugins sometimes failing on latest Minefield builds

2.0.6rc2
==========================================================================
x [ABE] Fixed 2.0.6rc1 regression: broken internal redirections

2.0.6rc1
==========================================================================
+ "Security and privacy info" pages shown also by middle-clicking items
in NoScript Options|Whitelist (thanks dhown for RFE)
x [XSS] Better compatibility with 4shared embedded movies
x [ABE] Fixed regression: Anon action interfering with IFrame blocking
when DNS record for current request is cached (thanks al_9x for report)