Historie verzí doplňku NoScript Security Suite

368 verzí

Se starými verzemi opatrně!

Tyto verze jsou dostupné pro referenční a testovací účely. Měli byste vždy použít poslední verzi doplňku.

Verze 2.9.5.2 542.6 KiB Podporuje Firefox 45.0 a novější, SeaMonkey 2.43 a novější

v 2.9.5.2
=============================================================
x Fixed Stylish editor breakage (thanks JustAnotherGuy for
reporting
x Fixed media blocking delayed with Tor Browser's "Medium"
Security Sider preset
x Fixed frame blocking issues
x Fixed top-level media loads issues
x Fixed apparent delay in menu UI feedback (thanks mechadon
for reporting)
x Fixed some XSS filter over-sensitivity regressions
x Fixed "Allow local links" causing file:// URLs to fail
x [Locale] Updated nl (thanks Ton)

Verze 2.9.5.1 541.6 KiB Podporuje Firefox 45.0 a novější, SeaMonkey 2.42 a novější

2.9.5.1
=============================================================
x Fixed some pages not loading on 1st attempt when e10s is
enabled (thanks Semtex for reporting)

2.9.5
=============================================================
+ Full e10s compatibility
x Fixed big whitelists being reset to default permissions on
e10s-enabled browsers (thanks sabret00the and Internet User
for reporting)
x Better fix for some embedding permissions issues (thanks
barbaz for reporting)
x MediaSource blocking support (Tor Project)
x Better handling of media types loaded as top-level
documents
x Declared (but untested) Palemoon support (thanks barbaz)
x [System Principal] included in the mandatory allowed list
x Fixed allow scripts globally requiring a restart (thanks
FFreestyleRR for reporting
x Fixed embeddings autoreload on e10s-disabled browsers
^ TODO: MediaSource blocking support
x Improved autoreload responsiveness and precision
x Fixed IFrame over-blocking bug (thanks G113 for report)
x Fixed sites involved in background requests being not
reported in the UI, even if intercepted and/or blocked (
thanks GH113 for reporting)
x Fixed typo in PasteHandler (thanks barbaz for reporting)
x Fixed embedding-related automatic reload issues (thanks
barbaz and tmeader for reporting)
x Fixed compatibility regression with Firefox 45
x [Surrogate] Fixed file:// replacements broken (thanks
barbaz for reporting)
^ TODO: MediaSource blocking support
x Fixed typo in XSS filter breaking JSON cross-site requests
x Fixed automatic reload issues (thanks GH113 for reporting)
x Fixed UI not always synchronized on startup (thanks GH113
for reporting)
x Fixed incompatibilities with older Firefox down to 45
(thanks barbaz for reporting)
x Fixed automatic reload impossible to be disabled (thanks
GH113 for reporting)
x Fixed UI initially not synced on new windows (thanks GH113
for reporting)
x Fixed bug in secure cookie enforcement upgrading all the
unsecure cookies on secure connections even if a secure
cookie for the domain existed, increasing chances of
incompatibilities (thanks PDL for reporting)
x Fixed escaping issues in the noscript.js preference file
(thanks PDL for reporting)

Verze 2.9.0.14 551.4 KiB Podporuje Firefox 13.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.10 a novější

v 2.9.0.14
=============================================================
x Fixed live bookmarks in Firefox 48 or above

Verze 2.9.0.13 551.4 KiB Podporuje Firefox 13.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.10 a novější

v 2.9.0.13
=============================================================
x Added missing "s" in noscript.mandatory/about:feeds

Verze 2.9.0.12 551.4 KiB Podporuje Firefox 13.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.10 a novější

v 2.9.0.12
=============================================================
x Updated DNT implementation to match the most recent spec
about navigator.doNotTrack values (thanks Francois Merier)
x [XSS] Better compatibility with Unionbank's website (thanks
Brent for reporting)
x Fixed bug 1278735 (JavaScript disabled in private windows)
x Fixed JSON viewer not working
x about:feed in the mandatory whitelist to fix bug 1272139
x [XSS] Disable JavaScript on FTP-served pages when a
potential DOM XSS threat is detected (thanks Emanuel
Bronshtein @e3amn2l for reporting)
x Fixed DOS through script-triggered ClickToPlay confirmation
dialogs in a loop (thanks Emanuel Bronshtein @e3amn2l for
reporting)
x Fixed placeholder links might be potentially used as XSS
vectors if stars were properly aligned(thanks Emanuel
Bronshtein @e3amn2l for reporting)
x [Surrogate] Updated google-analytics.com replacement (
thanks noscriptsplox)
x [XSS] Fixed regression (thanks Masato Kinugawa for report)

Verze 2.9.0.11 551.2 KiB Podporuje Firefox 13.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.10 a novější

v 2.9.0.11
=============================================================
x [XSS] Fixed infrastructure issue preventing one filter from
being automatically synchronized with Mozilla's source code
as designed (thanks .mario and Maxim Rupp for reporting)
x [XSS] Added filtering for a potential CSRF vector (thanks
Masato Kinugawa for reporting)

Verze 2.9.0.10 537.0 KiB Podporuje Firefox 13.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.10 a novější

v 2.9.0.10
=============================================================
x Fixed placeholder activation in Gecko 45 and above

Verze 2.9.0.9 537.0 KiB Podporuje Firefox 13.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.10 a novější

v 2.9.0.9
=============================================================
x [XSS] Compatibility exception for the Printfriendly add-on
x Removed msn.com from the default whitelist, since it seems
to be unable to support HTTPS consistently

Verze 2.9.0.7 536.9 KiB Podporuje Firefox 38.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.35 a novější

v 2.9.0.7
=============================================================
x [HTTPS] Removed legacy redirection methods when redirectTo()
is available in HTTP channels, fixing YouTube embedding
problem
x Replaced newChannel() with newChannel2() on Gecko 48

Verze 2.9.0.6 536.8 KiB Podporuje Firefox 38.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.35 a novější

v 2.9.0.6
=============================================================
x [HTTPS] Limit httpsDefWhitelist effect to document loads
x [XSS] Reduced eval aliasing checks false positives

Verze 2.9.0.5 536.7 KiB Podporuje Firefox 38.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.35 a novější

v 2.9.0.5
=============================================================
x [XSS] Improved detection of computed property accessors
(thanks Emanuel Bronshtein @e3amn2l for report)
x [HTTPS] Fixed httpsDefWhitelist breaking OCSP (thanks al_9x
for reporting)
x [HTTPS] Fixed httpsDefWhitelist breaking yui.yahooapis.com
(thanks Rob Greenberg for reporting
x [XSS] Fixed OpenID-related false positive
x Restored Nightly compatibility broken by bug 1253016
x Fixed regression in HTTPS enforcing exceptions
x [Surrogate] Updated googletag replacement (thanks barbaz)
x [Surrogate] Updated ga replacement (thanks barbaz)
x [XSS] Improved replacement for dangerous keywords/built-in
properties (thanks Emanuel Bronshtein @e3amn2l for report)
x [HTTPS] noscript.httpsDefWhitelist option to automatically
upgrade to HTTPS sites found in the default whitelist
(enabled by default, thanks Mazin Amhed for reporting)

Verze 2.9.0.4 536.3 KiB Podporuje Firefox 13.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.10 a novější

v 2.9.0.4
=============================================================
x Fixed InjectionChecker over-optimization bug (thanks Maxim
Rupp for reporting)
x [l10n] Updated ar (thanks Nassim Dhaher)

Verze 2.9.0.3 536.3 KiB Podporuje Firefox 13.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.10 a novější

v 2.9.0.3rc2
=============================================================
x Fixed NoScript blocking WebExtensions by default
x Fixed XSS filter JSON sanitization bug (thanks Maxim Rupp
for reporting)

Verze 2.9.0.2 537.3 KiB Podporuje Firefox 13.0 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.10 a novější

v 2.9.0.2
=============================================================
x Version bump to work around AMO's 404 when serving 2.9.0.1

v 2.9.0.1
=============================================================
x Replaced "for each ()" with "for (... of ...)"
x Removed array comprehension usage
- Removed compatibility with Gecko lt 13
x Fixed conflict w/ KeeFox + CTR (thanks amloessb for report)
https://forums.informaction.com/viewtopic.php?p=80581

Verze 2.9 537.5 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.9rc1
=============================================================
x [e10s] Fixed "Temporarily allow top-level sites by default"
broken by Electrolysis
x Fixed "key.revokeTemp" preference management bug (thanks
palme for patch)

Verze 2.7 537.3 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.7
=============================================================
- Removed informaction.com, flashgot.net and maone.net from
the default whitelist to reduce the potential attack
surface
- Removed vestigial noscript.forbidData preference
x Fixed shorthands not checked for ftp(s) sites (thanks
Leon Winter for patch)
x [Surrogate] Fixed googletag replacement (thanks barbaz)
x Fixed incompatibility with importScript() from workers
breaking new reCaptcha implementation (thanks Mr_KrzYch00
for reporting)

Verze 2.6.9.39 536.3 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.39
=============================================================
x Work-around for a XSS "false positive" caused by nwolb.com
passing Javascript code across subdomains in window.name
(thanks Sagiv Masvari for reporting)

Verze 2.6.9.38 729.2 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.38
=============================================================
x Fixed breakage due to const declarations behavior changes
in latest Firefox nightlies (thanks to all the people in
https://bugzilla.mozilla.org/show_bug.cgi?id=1212707)

Verze 2.6.9.37 536.4 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.37
=============================================================
x Fixed bug: launching a bookmarklet on about:newTab caused
allow scripts globally for that tab (thanks James Strange
for reporting)
x [L10n] Updated French translation (thanks Syl)
x Fixed NOSCRIPT element hidden on Javascript-disabled pages
(moz bug 1208818)
x [Surrogate] enhanced gogletags.com replacement (thanks
therube)
x Fixed subtle bug in load context association causing an
origin mismatch in one corner case (thanks Gareth Heyes
for reporting)

Verze 2.6.9.36 536.0 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.36
=============================================================
x [L10n] Fixed typo in nb-NO (thanks Mikkel H.)
x [e10s] Fixed top-level site auto-whitelisting broken
x [e10s] Fixed MozBug 1196477 (crash with allowLocalLinks)
x Shorthands reliability improvements
x [ClearClick] fixed console spam due to missing XPCOM
interfaces for HTML elements
x In order to help Netflix users with the new video delivery
system, users who have netflix.com already in their
whitelist get https://*.nflxvideo.net whitelisted as
well on upgrade

Verze 2.6.9.35 536.0 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.35
=============================================================
x [Surrogate] googletagservices.com replacement now supports
custom googletag objects (thanks barbaz)
x [Surrogate] fixed surrogates stopped working on older
Gecko versions (thanks barbaz)
x [XSS] Work-around for false positive on some Yahoo! URLs
x Corrected mistyped about:pocket-saved whitelist entry
x Fixed race condition in ABE options observer causing
l.getRowCount() console spam

Verze 2.6.9.34 536.0 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.34
=============================================================
x [Surrogate] Fixed a bug preventing some replacements from
running
x [XSS] Fixed over-optimized JSON and dots erasure allowing
for a filter bypass in specific (and likely rare)
circumstances (thanks Gareth Heyes for reporting)

Verze 2.6.9.33 536.0 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.33
=============================================================
x [XSS] Fixed bug in minimal inline JavaScript fragment
detection (thanks Frederik Braun for reporting)
x [L10n] Updated Russian (thanks fatboy).
x [Surrogate] fixed scope conflicts caused by the $S() object
replacement wrapper (e.g. with some EA games)

Verze 2.6.9.32 536.0 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.32
=============================================================
+ Added domains required for Netflix playback to the default
whitelist
x Fixed inline script blocking broken by latest Nightlies
x Fixed NOSCRIPT elements not being shown in script-blocked
pages on Firefox betas
x [Surrogate] shimmed or replaced code causing deprecations
x [Surrogate] updated googletag replacement (thanks barbaz)
x [XSS] Fixed regression in minimal inline JavaScript
fragment detection (thanks Gareth Heyes for reporting)
x Fixed edge case causing JavaScript redirections detection
to fail on http://qklnk.co/ (thanks Jess Hampshire for RFE)

Verze 2.6.9.31 535.4 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.31
=============================================================
x [XSS] Fixed attribute injection checks regression (thanks
Maxim Rupp and .mario of Cure53 for reporting)

Verze 2.6.9.30 535.4 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.30
=============================================================
x Fixed noscript.allowWhitelistUpdates preference being
ignored
+ Filtering out whitelist additions not required by the
the specific current browser type and version
+ Added about:pocket-save and about:pocket-signup to the
default whitelist
x More restrictive and accurate INCLUSION type check (thanks
Meee for reporting)
x [XSS] Further invalid characters optimization refinement
(thanks Mathias Karlsson for reporting)
x [XSS] Fixed XML stripping optimization to prevent inline
injections (thanks Mathias Karlsson for reporting)
x Default whitelist maintenance: removed prototypejs.org,
cdnjs.cloudflare.com; restored maps.googleapis.com
x [XSS] Updated inline event handlers related code preventing
potential 2nd order injections on very badly coded websites
(thanks Mathias Karlsson for reporting)

Verze 2.6.9.29 536.1 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.29
=============================================================
x [XSS] Improved specificity of invalid characters
optimization to remove a string literal breaking detection
bypass (thanks Mathias Karlsson for reporting)

Verze 2.6.9.28 536.1 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.28
=============================================================
x Narrowed googleapis.com default whitelist entry to
ajax.googleapis.com
x [Surrogate] Updated gigya.com and 2mdn.net replacements
(thanks saaib)

Verze 2.6.9.27 536.0 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.27
=============================================================
x Fixed media elements being blocked on first (uncached)
request (thanks RobertDrew for reporting)
+ noscript.middlemouse_temp_allow_main_site about:config
preference to control whether middle-clicking the toolbar
button should allow current top document's site (thanks
barbaz)
x [L10n] Updated Belarusian (thanks Dzmitry Drazdou)
+ Default whitelist retroactive removal ability
x Removed vjs.zendcdn.net from the default whitelist

Verze 2.6.9.26 536.0 KiB Podporuje Firefox 3.0.9 a novější, Mobilní 1.0 - 2.0a1pre, SeaMonkey 2.0 a novější

v 2.6.9.26
=============================================================
x Extended the redirectTo() safety net for to all the internal
redirections
x Work-around for redirectTo() breaking Flash plugin
subrequests
x Got ChannelReplacement backed by HTTPChannel.redirectTo()
whenever possible (should fix moz-bug 1153256 for good)
x Fixed double redirection in HTTPS enforcing