Versionsgeschichte von NoScript

883 Versionen

Seien Sie vorsichtig mit alten Versionen!

Diese Versionen werden zu Referenz- und Testzwecken angezeigt. Sie sollten immer die letzte Version eines Add-ons verwenden.

Version 2.4.1rc2 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4.1rc2
==========================================================================
+ [Surrogate] adagionet.com inclusion surrogate
x Fixed "Allow sites open through bookmarks" regression (thanks jerryi and
therube for reporting)

v 2.4.1rc1
==========================================================================
+ [XSS] Protection against exploitation of classic MS ASP's coalescing of
same-name query parameters (thanks Soroush Dalili for reporting)
+ [XSS] Protection against URL injections in in window.name
x [XSS] Fixed case-sensitivity bug in detection of unicode escape
sequences (thanks Masato Kinugawa for reporting)

Version 2.4.1rc1 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4.1rc1
==========================================================================
+ [XSS] Protection against exploitation of classic MS ASP's coalescing of
same-name query parameters (thanks Soroush Dalili for reporting)
+ [XSS] Protection against URL injections in in window.name
x [XSS] Fixed case-sensitivity bug in detection of unicode escape
sequences (thanks Masato Kinugawa for reporting)

Version 2.4.1-signed 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4rc8
==========================================================================
x [XSS] Improved global exception injection detection
x [XSS] Fixed bug in late window.name payload checking (thanks Soroush
Dalili for reporting)
x [Locale] Fixed broken overlay on Basque localized browsers (for real
this time, thanks afa for reporting)

v 2.4rc7
==========================================================================
+ [XSS] Improved InjectionChecker detection of in-code multiple insertions
(thanks Krzysztof Kotowicz)
+ [XSS] InjectionChecker detection of single assignment evaluation through
global exception handling (thanks Gareth Heyes)
x [Locale] Fixed broken overlay on Basque localized browsers (thanks afa
for reporting)

v 2.4rc6
==========================================================================
+ [Surrogate] Skimlinks surrogate script (thanks Drewett for reporting)

v 2.4rc5
==========================================================================
x Improved temporary permissions management during bookmarklet execution

v 2.4rc4
==========================================================================
x Fixed 2.4rc3 regression in url bar JavaScript execution

v 2.4rc3
==========================================================================
x Fixed bookmarklet couldn't be executed on blacklisted sites in "Globally
Allow" mode (thanks tharpa for reporting)

v 2.4rc2
==========================================================================
x [ClearClick] Fixed cross-site clicks blocked on Firefox < 3.6 (thanks
Janet Whipple for reporting)

v 2.4rc1
==========================================================================
x [Surrogate] Fixed surrogates broken on Nightly

Version 2.4rc8 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4rc8
==========================================================================
x [XSS] Improved global exception injection detection
x [XSS] Fixed bug in late window.name payload checking (thanks Soroush
Dalili for reporting)

v 2.4rc6
==========================================================================
+ [Surrogate] Skimlinks surrogate script (thanks Drewett for reporting)

v 2.4rc5
==========================================================================
x Improved temporary permissions management during bookmarklet execution

v 2.4rc4
==========================================================================
x Fixed 2.4rc3 regression in url bar JavaScript execution

v 2.4rc3
==========================================================================
x Fixed bookmarklet couldn't be executed on blacklisted sites in "Globally
Allow" mode (thanks tharpa for reporting)

v 2.4rc2
==========================================================================
x [ClearClick] Fixed cross-site clicks blocked on Firefox < 3.6 (thanks
Janet Whipple for reporting)

v 2.4rc1
==========================================================================
x [Surrogate] Fixed surrogates broken on Nightly

Version 2.4rc7 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4rc7
==========================================================================
+ [Surrogate] Skimlinks surrogate script (thanks Drewett for reporting)
+ [XSS] Improved InjectionChecker detection of in-code multiple insertions
(thanks Krzysztof Kotowicz)
+ [XSS] InjectionChecker detection of single assignment evaluation through
global exception handling (thanks Gareth Heyes)
+ [Locale] Fixed broken overlay on Basque localized browsers (thanks afa
for reporting)

Version 2.4rc6 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4rc6
==========================================================================
+ [Surrogate] Skimlinks surrogate script (thanks Drewett for reporting)

v 2.4rc5
==========================================================================
x Improved temporary permissions management during bookmarklet execution

v 2.4rc4
==========================================================================
x Fixed 2.4rc3 regression in url bar JavaScript execution

v 2.4rc3
==========================================================================
x Fixed bookmarklet couldn't be executed on blacklisted sites in "Globally
Allow" mode (thanks tharpa for reporting)

v 2.4rc2
==========================================================================
x [ClearClick] Fixed cross-site clicks blocked on Firefox < 3.6 (thanks
Janet Whipple for reporting)

v 2.4rc1
==========================================================================
x [Surrogate] Fixed surrogates broken on Nightly

Version 2.4rc5 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4rc5
==========================================================================
x Improved temporary permissions management during bookmarklet execution

v 2.4rc4
==========================================================================
x Fixed 2.4rc3 regression in url bar JavaScript execution

v 2.4rc3
==========================================================================
x Fixed bookmarklet couldn't be executed on blacklisted sites in "Globally
Allow" mode (thanks tharpa for reporting)

v 2.4rc2
==========================================================================
x [ClearClick] Fixed cross-site clicks blocked on Firefox < 3.6 (thanks
Janet Whipple for reporting)

v 2.4rc1
==========================================================================
x [Surrogate] Fixed surrogates broken on Nightly

Version 2.4rc4 522.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4rc4
==========================================================================
x Fixed 2.4rc3 regression in url bar JavaScript execution

v 2.4rc3
==========================================================================
x Fixed bookmarklet couldn't be executed on blacklisted sites in "Globally
Allow" mode (thanks tharpa for reporting)

v 2.4rc2
==========================================================================
x [ClearClick] Fixed cross-site clicks blocked on Firefox < 3.6 (thanks
Janet Whipple for reporting)

v 2.4rc1
==========================================================================
x [Surrogate] Fixed surrogates broken on Nightly

Version 2.4rc2 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4rc2
==========================================================================
x [ClearClick] Fixed cross-site clicks blocked on Firefox < 3.6 (thanks
Janet Whipple for reporting)

v 2.4rc1
==========================================================================
x [Surrogate] Fixed surrogates broken on Nightly

Version 2.4rc1 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.4rc1
==========================================================================
x [Surrogate] Fixed surrogates broken on Nightly

Version 2.3.9.1-signed 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.9
==========================================================================
+ [ClearClick] More tolerant snapshot comparation algorithm (partially
backported from NSA) to reduce false positives (tweaked by the
noscript.clearClick.threshold percentage value in about:config)
- Removed about:credits from default whitelist
x [ClearClick] Fixed false positives (e.g. on embedded Vimeo movies) in
obscuration by windowed plugins checks
x Fixed compatibility regressions on Firefox 3.x
x Following links from the About dialog now closes it (thanks Guardian for
suggestions)
x Fixed NOSCRIPT META refreshes blocking not working when scripts are
globally allowed (thanks and Ken and Tom T. for reporting)
x [ClearClick] Fixed false positives caused by accelerated graphics with
some plugin content

Version 2.3.9rc4 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.9rc4
==========================================================================
x [ClearClick] Fixed false positives caused by accelerated graphics with
some plugin content

v 2.3.9rc3
==========================================================================
x Fixed compatibility regressions on Firefox 3.x
x Following links from the About dialog now closes it (thanks Guardian for
suggestons)
x Fixed NOSCRIPT META refreshes blocking not working when scripts are
globally allowed (thanks and Ken and Tom T. for reporting)

v 2.3.9rc2
==========================================================================
x [ClearClick] Fixed false positives (e.g. on embedded Vimeo movies) in
obscuration by windowed plugins checks

v 2.3.9rc1
==========================================================================
+ [ClearClick] More tolerant snapshot comparation algorithm (partially
backported from NSA) to reduce false positives (tweaked by the
noscript.clearClick.threshold percentage value in about:config)
- Removed about:credits from default whitelist

Version 2.3.9rc3 523.3 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.9rc3
==========================================================================
x Fixed compatibility regressions on Firefox 3.x
x Following links from the About dialog now closes it (thanks Guardian for
suggestons)
x Fixed NOSCRIPT META refreshes blocking not working when scripts are
globally allowed (thanks and Ken and Tom T. for reporting)

v 2.3.9rc2
==========================================================================
x [ClearClick] Fixed false positives (e.g. on embedded Vimeo movies) in
obscuration by windowed plugins checks

v 2.3.9rc1
==========================================================================
+ [ClearClick] Fuzzier snapshot comparation algorithm (partially
backported from NSA) to reduce false positives (tweaked by the
noscript.clearClick.threshold percentage value in about:config)
- Removed about:credits from default whitelist

Version 2.3.9rc2 522.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.9rc2
==========================================================================
x [ClearClick] Fixed false positives (e.g. on embedded Vimeo movies) in
obscuration by windowed plugins checks

v 2.3.9rc1
==========================================================================
+ [ClearClick] Fuzzier snapshot comparation algorithm (partially
backported from NSA) to reduce false positives (tweaked by the
noscript.clearClick.threshold percentage value in about:config)
- Removed about:credits from default whitelist

Version 2.3.9rc1 522.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.9rc1
==========================================================================
+ [ClearClick] More tolerant snapshot comparation algorithm (partially
backported from NSA) to reduce false positives (tweaked by the
noscript.clearClick.threshold percentage value in about:config)
- Removed about:credits from default whitelist

Version 2.3.8.1-signed 522.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1, SeaMonkey 2.0 und neuer

v 2.3.8
==========================================================================
+ Smart integration with the new browser-native click to play: if a plugin
object is manually allowed from NoScript's UI, it gets also natively
activated (noscript.smartClickToPlay about:config preference)
+ Improved active content identity tracking, to avoid redundant blocking
steps across reloads
x Fixed redirections in legacy frames not being blocked (thanks "utente"
for reporting)
x [Surrogate] Surrogate to fix broken buttons at Uniblue e-commerce site

Version 2.3.8rc2 522.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.8rc2
==========================================================================
x Fixed 2.3.8rc1 regression slowing down flashvars parsing in some cases
(thanks fred for reporting)
x Fixed redirections in legacy frames not being blocked (thanks "utente"
for reporting)
x [Surrogate] Surrogate to fix broken buttons at Uniblue e-commerce site

v 2.3.8rc1
==========================================================================
+ Smart integration with the new browser-native click to play: if a plugin
object is manually allowed from NoScript's UI, it gets also natively
activated (noscript.smartClickToPlay about:config preference)
+ Improved active content identity tracking, to avoid redundant blocking
steps across reloads

Version 2.3.8rc1 522.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.8rc1
==========================================================================
+ Smart integration with the new browser-native click to play: if a plugin
object is manually allowed from NoScript's UI, it gets also natively
activated (noscript.smartClickToPlay about:config preference)
+ Improved active content identity tracking, to avoid redundant blocking
steps across reloads

Version 2.3.7.1-signed 521.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.7
==========================================================================
x [ClearClick] Work-around for "rapid fire" protection interfering with
some add-ons, such as 1Password (thanks Mike Tselikman for report) and
FloatNotes (thanks endofmiles and Tom T. for reports)
x [ClearClick] Compatibility with Bitdefender TrafficLight (thanks
Christopher A. M. Gerlach for reporting)
x [XSS] Enhanced InjectionChecker tolerance to certain URL patterns
containing domain-names as parameter values (thanks gazer75 for report)

Version 2.3.7rc5 521.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.7rc5
==========================================================================
x [ClearClick] Further refinements in TrafficLight compatibility and
"rapid fire" sensitvity

v 2.3.7rc4
==========================================================================
x [ClearClick] Further "rapid fire" protection sensitivity tweaking

v 2.3.7rc3
==========================================================================
x [ClearClick] Work-around for "rapid fire" protection interfering with
some add-ons, such as 1Password (thanks Mike Tselikman for report)

v 2.3.7rc2
==========================================================================
x [ClearClick] Compatibility with Bitdefender TrafficLight (thanks
Christopher A. M. Gerlach for reporting)

v 2.3.7rc1
==========================================================================
x [XSS] Enhanced InjectionChecker tolerance to certain URL patterns
containing domain-names as parameter values (thanks gazer75 for report)

Version 2.3.7rc4 521.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.7rc4
==========================================================================
x [ClearClick] Further "rapid fire" protection sensitivity tweaking

v 2.3.7rc3
==========================================================================
x [ClearClick] Work-around for "rapid fire" protection interfering with
some add-ons, such as 1Password (thanks Mike Tselikman for report)

Version 2.3.7rc3 521.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.7rc3
==========================================================================
x [ClearClick] Work-around for "rapid fire" protection interfering with
some add-ons, ssuch as 1Password (thanks Mike Tselikman for report)

v 2.3.7rc2
==========================================================================
x [ClearClick] Compatibility with Bitdefender TrafficLight (thanks
Christopher A. M. Gerlach for reporting)

v 2.3.7rc1
==========================================================================
x [XSS] Enhanced InjectionChecker tolerance to certain URL patterns
containing domain-names as parameter values (thanks gazer75 for report)

Version 2.3.7rc2 521.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.7rc2
==========================================================================
x [ClearClick] Compatibility with Bitdefender TrafficLight (thanks
Christopher A. M. Gerlach for reporting)

v 2.3.7rc1
==========================================================================
x [XSS] Enhanced InjectionChecker tolerance to certain URL patterns
containing domain-names as parameter values (thanks gazer75 for report)

Version 2.3.7rc1 520.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

x [XSS] Enhanced InjectionChecker tolerance to certain URL patterns
containing domain-names as parameter values (thanks gazer75 for report)

Version 2.3.6.1-signed 520.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.6
==========================================================================
x Restored Nightly compatibility, broken by bug 719154
+ [ClearClick] improved compatibility with Disqus widgets (thanks El Cid
for reporting)
+ [AddressMatcher] Optimized trailing "*" in glob expressions
x Fixed origin URL detection flawed when certain wrapped URIs are loaded
(thanks Masato Kinugawa for reporting)
x [XSS] Fixed false positive with query string patterns mimicking array
access (thanks Aicke Schulz for reporting)

Version 2.3.6rc4 520.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.6rc4
==========================================================================
x Restored Nightly compatibility, broken by bug 719154

v 2.3.6rc3
==========================================================================
+ [ClearClick] improved compatibility with Disqus widgets (thanks El Cid
for reporting)
+ [AddressMatcher] Optimized trailing "*" in glob expressions

v 2.3.6rc2
==========================================================================
x Fixed origin URL detection flawed when certain wrapped URIs are loaded
(thanks Masato Kinugawa for reporting)

v 2.3.6rc1
==========================================================================
x [XSS] Fixed false positive with query string patterns mimicking array
access (thanks Aicke Schulz for reporting)

Version 2.3.6rc3 520.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.6rc3
==========================================================================
+ [ClearClick] improved compatibility with Disqus widgets (thanks El Cid
for reporting)
+ [AddressMatcher] Optimized trailing "*" in glob expressions

v 2.3.6rc2
==========================================================================
x Fixed origin URL detection flawed when certain wrapped URIs are loaded
(thanks Masato Kinugawa for reporting)

v 2.3.6rc1
==========================================================================
x [XSS] Fixed false positive with query string patterns mimicking array
access (thanks Aicke Schulz for reporting)

Version 2.3.6rc2 521.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.6rc2
==========================================================================
x Fixed origin URL detection flawed when certain wrapped URIs are loaded
(thanks Masato Kinugawa for reporting)

v 2.3.6rc1
==========================================================================
x [XSS] Fixed false positive with query string patterns mimicking array
access (thanks Aicke Schulz for reporting)

Version 2.3.6rc1 521.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.6rc1
==========================================================================
x [XSS] Fixed false positive with query string patterns mimicking array
access (thanks Aicke Schulz for reporting)

Version 2.3.5.1-signed 520.2 kB Funktioniert mit Firefox 3.0 und neuer, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 und neuer

v 2.3.5
==========================================================================
x Work-around for a Flash 32-bit issue (64-bit Firefox unaffected) causing
Google Music Player to fail (thanks DG42 for original report, Alan Baxter
for providing a test account, all the forum staff and many users for
their help in reproducing)
x [ABE] Fixed "Sandbox" action permanently disabling plugins, frames and
meta refreshes on the affected tab even if document changes (thanks
Tom T. and Patrick E. for reporting)
x [ClearClick] Better special-casing for same-site embedded objects
x [Surrogate] Global variables introduced by sandboxed surrogates are
attached as window properties after execution to fix recently surfaced
scope-related bugs
x [XSS] Better window.name protection (thanks Masato Kinugawa for report)
x [XSS] Improved detection of javascript: URL injections