Versionsgeschichte von NoScript

927 Versionen

Seien Sie vorsichtig mit alten Versionen!

Diese Versionen werden zu Referenz- und Testzwecken angezeigt. Sie sollten immer die letzte Version eines Add-ons verwenden.

Version 2.0.3.5 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.3.5
==========================================================================
x [UI] Fixed right-click on the toolbar button switching permissions

v 2.0.3.4
==========================================================================
+ [UI] Bold "Recently blocked" menu and items which have been attempted to
load from the currently displayed web site (thanks therube for RFE)
- Removed legacy (pre Fx 3) notification code

v 2.0.3.4rc2
==========================================================================
- [UI] Removed status icon hover effect
+ [Surrogate] adriver.ru surrogate to prevent "pages never finish loading"
problem (thanks al_9x)
+ [ClearClick] Unlocked flag caching performance optimizations
+ AddressMatcher now matches UTF8 (not IDN-encoded) host names too
+ AddressMatcher now matches scheme only (xyz:) patterns
x Work-around for X-Frame-Option interfering with mixed chrome/content
UIs (e.g. Firefox 4 add-ons manager)

v 2.0.3.4rc1
==========================================================================
x Fixed unchecking and re-checking the toggle permissions toolbar button
behavior ending in an inconsistent status (thanks Grump Old Lady for
reporting)
x [XSS] Improved Blogger CMS compatibility (thanks Logos for reporting)

Version 2.0.3.5rc1 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.3.5
==========================================================================
x [UI] Fixed right-click on the toolbar button switching permissions

Version 2.0.3.4rc3 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.3.4rc3 (same as 2.0.3.4 final)
==========================================================================
+ [UI] Bold "Recently blocked" menu and items which have been attempted to
load from the currently displayed web site (thanks therube for RFE)
- Removed legacy (pre Fx 3) notification code

v 2.0.3.4rc2
==========================================================================
- [UI] Removed status icon hover effect
+ [Surrogate] adriver.ru surrogate to prevent "pages never finish loading"
problem (thanks al_9x)
+ [ClearClick] Unlocked flag caching performance optimizations
+ AddressMatcher now matches UTF8 (not IDN-encoded) host names too
+ AddressMatcher now matches scheme only (xyz:) patterns
x Work-around for X-Frame-Option interfering with mixed chrome/content
UIs (e.g. Firefox 4 add-ons manager)

v 2.0.3.4rc1
==========================================================================
x Fixed unchecking and re-checking the toggle permissions toolbar button
behavior ending in an inconsistent status (thanks Grump Old Lady for
reporting)
x [XSS] Improved Blogger CMS compatibility (thanks Logos for reporting)

Version 2.0.3.4rc2 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.3.4rc2
==========================================================================
- [UI] Removed status icon hover effect
+ [Surrogate] adriver.ru surrogate to prevent "pages never finish loading"
problem (thanks al_9x)
+ [ClearClick] Unlocked flag caching performance optimizations
+ AddressMatcher now matches UTF8 (not IDN-encoded) host names too
+ AddressMatcher now matches scheme only (xyz:) patterns
x Work-around for X-Frame-Option interfering with mixed chrome/content
UIs (e.g. Firefox 4 add-ons manager)

v 2.0.3.4rc1
==========================================================================
x Fixed unchecking and re-checking the toggle permissions toolbar button
behavior ending in an inconsistent status (thanks Grump Old Lady for
reporting)
x [XSS] Improved Blogger CMS compatibility (thanks Logos for reporting)

Version 2.0.3.3 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b2

v 2.0.3.3
==========================================================================
x Changed noscript.forbidIFramesContext about:config preference default to
3 (same base domain) to ensure better usability on complex sites (e.g.
new Twitter) for people who's blocking iframes on trusted sites
x Optimal sensitivity calibration for Hover UI trigger events

v 2.0.3.3rc3
==========================================================================
+ Improved Hover UI usability with the noscript.hoverUI.delayStop
about:config preference, dictating how many milliseconds the mouse must
stand still on NoScript's icon before NoScript's menu is displayed

v 2.0.3.3rc2
==========================================================================
+ [Surrogate] Surrogate scripts are no longer wrapped inside anonymous
functions, in order to allow top-level variables to be forced read-only
by using the const keyword; built-in surrogates have been retrofitted to
prevent scope clashes, by adding anonymous function wrappers as needed

v 2.0.3.3rc1
==========================================================================
+ [UI] Configurable enter and exit delays for the hover UI behavior, via
noscript.hoverUI.delay* about:config preferences
x [ClearClick] improved compatibility with very short frames (like the top
bar on www.blogger.com, thanks craftcove for reporting)
x [Policy] Removed legacy code specializing TYPE_OTHER

Version 2.0.3.3rc4 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3.3rc4
==========================================================================
x Changed noscript.forbidIFramesContext about:config preference default to
3 (same base domain) to ensure better usability on complex sites (e.g.
new Twitter) for people who's blocking iframes on trusted sites
x Optimal sensitivity calibration for Hover UI trigger events

Version 2.0.3.3rc3 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3.3rc3
==========================================================================
+ Improved Hover UI usability with the noscript.hoverUI.delayStop
about:config preference, dictating how many milliseconds the mouse must
stand still on NoScript's icon before NoScript's menu is displayed

v 2.0.3.3rc2
==========================================================================
+ [Surrogate] Surrogate scripts are no longer wrapped inside anonymous
functions, in order to allow top-level variables to be forced read-only
by using the const keyword; built-in surrogates have been retrofitted to
prevent scope clashes, by adding anonymous function wrappers as needed

Version 2.0.3.3rc1 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3.3rc1
==========================================================================
+ [UI] Configurable enter and exit delays for the hover UI behavior, via
noscript.hoverUI.delay* about:config preferences
x [ClearClick] improved compatibility with very short frames (like the top
bar on www.blogger.com, thanks craftcove for reporting)
x [Policy] Removed legacy code specializing TYPE_OTHER

Version 2.0.3.2 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3.2
==========================================================================
x Work-around for first script element in body of a framed document not
being executed unless password manager is enabled on Minefield
x Work-around for surrogates not being executed in frames on Minefield

v 2.0.3.2rc1
==========================================================================
x Fixed further menu glitches with URL ports (thanks al_9x for reporting)

v 2.0.3.1
==========================================================================
x [UI] added 250ms delay for menu disappearing on mouse out from icon (
disappearing mouse out from menu already used a 500ms delay)
x Fixed explicit port URL related regression (thanks al_9x for reporting)

v 2.0.3.1rc6
==========================================================================
x Fixed further breakages due to Array prototype chain glitches introduced
in latest Minefield

v 2.0.3.1rc5
==========================================================================
x Fixed redirections broken by Array prototype chain glitches introduced
in latest Minefield

v 2.0.3.1rc4
==========================================================================
x Work-arounds for some CAPS implementation impedance mismatches (thanks
GµårÐïåñ and al_9x for reporting)

v 2.0.3.1rc3
==========================================================================
+ [UI] Extended the "open on hover" behavior to the toolbar button
x about:crashes added to the mandatory whitelist

v 2.0.3.1rc2
==========================================================================
x [Surrogate] Fixed window.open not working for HTTP sites on recent
Minefield builds
x Fixed minor glitch in channel replacement on trunk

v 2.0.3.1rc1
==========================================================================
x [Surrogate] Restored the previous document.cookie patching order, since
it seems more compatible with some buggy sites

Version 2.0.3.2rc2 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3.2rc2
==========================================================================
x Work-around for first script element in body of a framed document not
being executed unless password manager is enabled on Minefield
x Work-around for surrogates not being executed in frames on Minefield

v 2.0.3.2rc1
==========================================================================
x Fixed further menu glitches with URL ports (thanks al_9x for reporting)

Version 2.0.3.1rc7 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3.1rc7 (same as 2.0.3.1 final)
==========================================================================
x [UI] added 250ms delay for menu disappearing on mouse out from icon (
disappearing mouse out from menu already used a 500ms delay)
x Fixed explicit port URL related regression (thanks al_9x for reporting)

Version 2.0.3.1rc6 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3.1rc6
==========================================================================
x Fixed further breakages due to Array prototype chain glitches introduced
in latest Minefield

v 2.0.3.1rc5
==========================================================================
x Fixed redirections broken by Array prototype chain glitches introduced
in latest Minefield

Version 2.0.3.1rc4 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1


v 2.0.3.1rc4
==========================================================================
+ Fixed some CAPS implementation impedance mismatches (thanks GµårÐïåñ and
al_9x for reporting)

v 2.0.3.1rc3
==========================================================================
+ [UI] Extended the "open on hover" behavior to the toolbar button
x about:crashes added to the mandatory whitelist

Version 2.0.3.1rc2 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3.1rc2
==========================================================================
x [Surrogate] Fixed window.open not working for HTTP sites on recent
Minefield builds
x Fixed minor glitch in channel replacement on trunk

Version 2.0.3.1rc1 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

2.0.3.1rc1
==========================================================================
x [Surrogate] Restored the previous document.cookie patching order, since
it seems more compatible with some buggy sites

Version 2.0.3 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b8pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

2.0.3
==========================================================================
x [Surrogate] Improved compatibility of the popunder surrogate
x [Surrogate] Fixed broken meebo.com detached windows
x [L10n] Updated it-IT

v 2.0.3rc4
==========================================================================
+ [Pref] "NoScript Options|Appearance|Open permissions menu when mouse
hovers over NoScript's icon" checkbox
x [UI] Minor refinements in the new "UI on hovering" behavior

v 2.0.3rc3
==========================================================================
x [XSS] Fixed "Unsafe reload" not working under some circumstances (thanks
the JoshMeister for reporting)
+ [XSS] Better compatibility with Blogspot's CMS (thanks the JoshMeister
for reporting)
x Fixed "setting a property that has only a getter" warning in strict mode
x Better compatibility with CDNs improperly serving JavaScript files with
a CSS mime type

v 2.0.3rc2
==========================================================================
x Fixed "Partially allowed" message instead of "Forbidden" when everything
is blocked, including some embeddings (thanks jan for reporting)
x Fixed "No placeholder from untrusted" broken since 2.0.2.4 (thanks al_9x
for reporting)

v 2.0.3rc1
==========================================================================
+ [UI] Clickless "on over" opening of the status bar menu, can be disabled
via noscript.hoverUI about:config preference (thanks safemode for RFE)
x Fixed embedded fonts requiring the page to be allowed, rather than the
just the object, if embedded in data: URIs (thanks Alexander Konovalenko
for reporting)

Version 2.0.3rc5 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

2.0.3rc5
==========================================================================
x [Surrogate] Improved compatibility of the popunder surrogate
x [Surrogate] Fixed broken meebo.com detached windows
x [L10n] Updated it-IT

Version 2.0.3rc4 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3rc4
==========================================================================
+ [Pref] "NoScript Options|Appearance|Open permissions menu when mouse
hovers over NoScript's icon" checkbox
x [UI] Minor refinements in the new "UI on hovering" behavior

Version 2.0.3rc3 497.7 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

2.0.3rc3
==========================================================================
x [XSS] Fixed "Unsafe reload" not working under some circumstances (thanks
the JoshMeister for reporting)
+ [XSS] Better compatibility with Blogspot's CMS (thanks the JoshMeister
for reporting)
x Fixed "setting a property that has only a getter" warning in strict mode
x Better compatibility with CDNs improperly serving JavaScript files with
a CSS mime type

Version 2.0.3rc2 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3rc2
==========================================================================
x Fixed "Partially allowed" message instead of "Forbidden" when everything
is blocked, including some embedding (thanks jan for reporting)
x Fixed "No placeholder from untrusted" broken since 2.0.2.4 (thanks al_9x
for reporting)

Version 2.0.3rc1 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.3rc1
==========================================================================
+ [UI] Clickless "on over" opening of the status bar menu, can be disabled
via noscript.hoverUI about:config preference (thanks safemode for RFE)
x Fixed embedded fonts requiring the page to be allowed, rather than the
just the object, if embedded in data: URIs (thanks Alexander Konovalenko
for reporting)

Version 2.0.2.5 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.2.5
==========================================================================
x [XSS] Further FBML compatibility improvements

Version 2.0.2.5rc1 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.2.5rc1
==========================================================================
x [XSS] Further FBML compatibility improvements

Version 2.0.2.4rc2 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.2.4rc2 (identical to v 2.0.2.4 final)
==========================================================================
+ [XSS] Improved Facebook games compatibility
x [ClearClick] Fixed ABP tabs interfering with cross-window snapshots
x [ClearClick] Fixed bug preventing clicks on frames embedded by URLs
which have no host field
- Removed legacy code to handle ABP tabs on NoScript-blocked objects

v 2.0.2.4rc1
==========================================================================
x [HSTS] Fixed SSL certificate error pages not being patched (removing
the expert interface) when a broken HSTS site is open first time (thaks
Porkulus for reporting)

Version 2.0.2.4rc1 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.2.4rc1
==========================================================================
x [HSTS] Fixed SSL certificate error pages not being patched (removing
the expert interface) when a broken HSTS site is open for the first time
(thaks Porkulus for reporting)

Version 2.0.2.3 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b6pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.2.3
==========================================================================
x [XSS] Fixed optimization bug which may lead to slower checks on specific
source patterns

Version 2.0.2.3rc1 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b5pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.2.3
==========================================================================
x [XSS] Fixed optimization bug which may lead to slower checks on specific
source patterns

Version 2.0.2.2rc2 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b5pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.2.2rc2
==========================================================================
x [XSS] Huge InjectionChecker speed optimization, prevents most DOS false
positives caused by checks timeout (thanks Sylvia Oberstein for report)

Version 2.0.2.1rc1 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b5pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.2.1rc1 (identical to 2.0.2.1 final)
==========================================================================
x [Surrogate] Fixed fallback regression (thanks al_9x for report)

v 2.0.2
==========================================================================
x Further accessibility enhancements (thanks Jonathan Ely for report)
x Fixed matching issue with document.open() pages

v 2.0.2rc10
==========================================================================
x Further accessibility enhancements (thanks Jonathan Ely for report)

v 2.0.2rc9
==========================================================================
x [Surrogate] Fixed scoping issue in debug mode
x [Surrogate] Adapted existing surrogates to new page-level execution
method
x Further accessibility enhancements (thanks Jonathan Ely for report)

v 2.0.2rc8
==========================================================================
x Minor accessibility enhancements (thanks Jonathan Ely for report)

v 2.0.2rc7
==========================================================================
x [Surrogate] Enabled back surrogate execution on pages created with
document.open(), identified by the pseudo-URL "wyciwyg:" for matching
purposes
x [Surrogate] Surrogates sources can match any URL except those with
scheme chrome, resource, about or view-source

v 2.0.2rc6
==========================================================================
x Fixed regression in SWFObject emulated support (thanks al_9x for report)
x [Surrogate] Disabled inconsistent surrogate execution on pages created
with document.open()

v 2.0.2rc5
==========================================================================
+ [Surrogate] Removed execution dependency on early DOM manipulation
x [ABE] Fixed Anonymize action causing exceptions to be reported in console
sometimes on Minefield
x [ClearClick] Work-around for uservoice.com false positive

v 2.0.2rc4
==========================================================================
x [XSS] Work-around for XSS by design in the Facebook API preventing some
games from working properly
x [Surrogate] fixed surrogates interfering with forced NOSCRIPT element
activation

v 2.0.2rc3
==========================================================================
+ [Surrogate] Improved page-level surrogate timing on Gecko version
1.9.2.8 and above
x [Surrogate] Fixed in-frame page-level surrogates causing some sites to
loose history navigation functionality
- [Surrogate] Dropped support for page-level in-frame surrogates on Gecko
version 1.9.2.7 and below
x [XSS] Correctness enhancement in the ASP Unicode homograph work-around

v 2.0.2rc2
==========================================================================
+ [XSS] Work-around for questionable Unicode to ASCII homographic
conversions performed by Microsoft's "Classic" ASP
x Tighter UI synchronization callbacks

v 2.0.2rc1
==========================================================================
x Tentative fix for UI sync regression reported by al_9x

Version 2.0.2rc11 496.6 kB Funktioniert mit Firefox 3.0 - 4.0b4pre, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 - 2.1b1

v 2.0.2rc11 (identical to 2.0.2 final)
==========================================================================
x Further accessibility enhancements (thanks Jonathan Ely for report)
x Fixed matching issue with document.open() pages

v 2.0.2rc10
==========================================================================
x Further accessibility enhancements (thanks Jonathan Ely for report)

v 2.0.2rc9
==========================================================================
x [Surrogate] Fixed scoping issue in debug mode
x [Surrogate] Adapted existing surrogates to new page-level execution
method
x Further accessibility enhancements (thanks Jonathan Ely for report)

v 2.0.2rc8
==========================================================================
x Minor accessibility enhancements (thanks Jonathan Ely for report)

v 2.0.2rc7
==========================================================================
x [Surrogate] Enabled back surrogate execution on pages created with
document.open(), identified by the pseudo-URL "wyciwyg:" for matching
purposes
x [Surrogate] Surrogates sources can match any URL except those with
scheme chrome, resource, about or view-source

v 2.0.2rc6
==========================================================================
x Fixed regression in SWFObject emulated support (thanks al_9x for report)
x [Surrogate] Disabled inconsistent surrogate execution on pages created
with document.open()

v 2.0.2rc5
==========================================================================
+ [Surrogate] Removed execution dependency on early DOM manipulation
x [ABE] Fixed Anonymize action causing exceptions to be reported in console
sometimes on Minefield
x [ClearClick] Work-around for uservoice.com false positive

v 2.0.2rc4
==========================================================================
x [XSS] Work-around for XSS by design in the Facebook API preventing some
games from working properly
x [Surrogate] fixed surrogates interfering with forced NOSCRIPT element
activation

v 2.0.2rc3
==========================================================================
+ [Surrogate] Improved page-level surrogate timing on Gecko version
1.9.2.8 and above
x [Surrogate] Fixed in-frame page-level surrogates causing some sites to
loose history navigation functionality
- [Surrogate] Dropped support for page-level in-frame surrogates on Gecko
version 1.9.2.7 and below
x [XSS] Correctness enhancement in the ASP Unicode homograph work-around

v 2.0.2rc2
==========================================================================
+ [XSS] Work-around for questionable Unicode to ASCII homographic
conversions performed by Microsoft's "Classic" ASP
x Tighter UI synchronization callbacks

v 2.0.2rc1
==========================================================================
x Tentative fix for UI sync regression reported by al_9x