Versionsgeschichte von NoScript

643 Versionen

Seien Sie vorsichtig mit alten Versionen!

Diese Versionen werden zu Referenz- und Testzwecken angezeigt. Sie sollten immer die letzte Version eines Add-ons verwenden.

Version 2.6.8.30rc2 525.5 KiB Funktioniert mit Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.30rc2
=========================================================================
x [Surrogate] Fixed regression about a small change in sandbox principal
management breaking some surrogates, including Google Analytics

v 2.6.8.30rc1
=========================================================================
x [CAPS] better compatibility with Firefox 30's restored checkloaduri
prefs hack
+ UI support for cascadePermissions and restrictSubdocScripting
+ "NoScript Options|Advanced|Trusted|Cascade top document's permissions
to 3rd party scripts" user-facing preference
+ "NoScript Options|Advanced|Untrusted|Block scripting in whitelisted
subdocuments of non-whitelisted pages" user-facing preference
+ Backported cascadePermissions and restrictSubdocScripting support to
ESR 24

Version 2.6.8.30rc1 525.6 KiB Funktioniert mit Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.30rc1
=========================================================================
x [CAPS] better compatibility with Firefox 30's restored checkloaduri
prefs hack
+ UI support for cascadePermissions and restrictSubdocScripting
+ "NoScript Options|Advanced|Trusted|Cascade top document's permissions
to 3rd party scripts" user-facing preference
+ "NoScript Options|Advanced|Untrusted|Block scripting in whitelisted
subdocuments of non-whitelisted pages" user-facing preference
+ Backported cascadePermissions and restrictSubdocScripting support to
ESR 24

Version 2.6.8.29rc1 523.9 KiB Funktioniert mit Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

Version 2.6.8.28rc1 521.0 KiB Funktioniert mit Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.28rc1
=========================================================================
x Fixed bookmarklet execution on non-whitelisted page causing scripts
to be globally allowed (thanks barbaz and therube for reporting)

Version 2.6.8.27rc3 521.0 KiB Funktioniert mit Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.27rc3
=========================================================================
x [Surrogate] Better trigger timing
x Work-around for bug 1005552 (backport to ESR)

v 2.6.8.27rc2
=========================================================================
+ [Surrogate] External script surrogates are now triggered whenever a
matching script fails to load, no matter the reason, e.g. NoScript
permissions, ABE, ABP or RequestPolicy (thanks bonanza for RFE)

Version 2.6.8.27rc2 520.9 KiB Funktioniert mit Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.27rc2
=========================================================================
+ [Surrogate] External script surrogates are now triggered whenever a
matching script fails to load, no matter the reason, e.g. NoScript
permissions, ABE, ABP or RequestPolicy (thanks bonanza for RFE)

Version 2.6.8.27rc1 521.2 KiB Funktioniert mit Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.27rc1
=========================================================================
x [XSS] Worked around OpenID-related false positive (thanks Gunnar for
reporting)
x [XSS] Better work around for false positive in gmx.com new webmail,
designed to work across all its implementations

Version 2.6.8.26rc1 520.8 KiB Funktioniert mit Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.26rc1
=========================================================================
x [XSS] gmx.com false positive work-around extended to international
domains (thanks dood_97 for reporting)
x [XSS] gmx.com false positive work-around extended to mail.com (thanks
boris for reporting)
+ noscript.cascadePermissions preliminary backend implementation
+ noscript.restrictSubdocScripting preliminary backend implementation

Version 2.6.8.25rc2 520.8 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.25rc2
=========================================================================
x [ABE] Fixed inability to discriminate loads inititated from the URL bar
on latest Nightlies (thanks Soothsayer for reporting)
x [XSS] Improved fix for false positive on new gmx.com login (thanks
Luigi and LeeB for reporting)

v 2.6.8.25rc1
=========================================================================
x [Surrogate] Fixed new google-analytics.com surrogate causing Google
Spreadsheet's columns not to be resizable (thanks bobbybrown for
reporting)
x [XSS] Fixed false positive on new gmx.com login (thanks Luigi for
reporting)

Version 2.6.8.25rc1 520.8 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.25rc1
=========================================================================
x [Surrogate] Fixed new google-analytics.com surrogate causing Google
Spreadsheet's columns not to be resizable (thanks Luigi for reporting)
x [XSS] Fixed false positive on new gmx.com login (thanks bobbybrown for
reporting)

Version 2.6.8.24rc5 520.6 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.24rc5
=========================================================================
+ More flexible implementation of the fake script load events feature,
triggered by default only by Require.js module imports, can be fully
configured by noscript.fakeScriptLoadEvents.* about:config preferences:
* .enabled: switches this feature on/off
* .onlyRequireJS: if true (default) applies the feature only to script
inclusions initiated by Require.js
* .exceptions: AddressMatcher pattern matching the source URLs of
script elements which should not cause fake load events when blocked
* .docExceptions: AddressMatcher pattern matching the URLs of documents
where no fake load event must be raised

v 2.6.8.24rc4
=========================================================================
+ Synthetic load events are sent and error events are suppressed for
blocked script elements, in order to work around strict script
inclusion enforcers such as Require.js (this feature is configured by
the noscript.fakeScriptLoadEvents about:config preference)
x Improved toStaticHTML() implementation (thanks .mario for reporting)
x Removed useless ICC profiles from some icons (thanks taffit for RFE)
x [Surrogate] Improved google-analytics.com (ga) surrogate

v 2.6.8.24rc3
=========================================================================
x [XSS] Fixed characters redundancy reduction bug (thanks Masato Kinugawa
for reporting)

v 2.6.8.24rc2
=========================================================================
x [XSS] Fixed typo in the new regular expression literals stripping
routine implementation (thanks Masato Kinugawa for reporting)

v 2.6.8.24rc1
=========================================================================
x [XSS] Fixed subtle bug in regular expression literals stripping
optimization, potentially causing false negatives in edge cases (thanks
Masato Kinugawa for reporting)

v 2.6.8.23rc1
=========================================================================
x Work-around for Firefox bug causing popup.hidePopup() to fail sometimes
and NoScript's on-hover menu needing a click to be closed

Version 2.6.8.24rc4 520.4 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.24rc4
=========================================================================
+ Synthetic load events are sent and error events are suppressed for
blocked script elements, in order to work around strict script
inclusion enforcers such as Require.js (this feature is configured by
the noscript.fakeScriptLoadEvents about:config preference)
x Improved toStaticHTML() implementation (thanks .mario for reporting)
x Removed useless ICC profiles from some icons (thanks taffit for RFE)
x [Surrogate] Improved google-analytics.com (ga) surrogate

v 2.6.8.24rc3
=========================================================================
x [XSS] Fixed characters redundancy reduction bug (thanks Masato Kinugawa
for reporting)

v 2.6.8.24rc2
=========================================================================
x [XSS] Fixed typo in the new regular expression literals stripping
routine implementation (thanks Masato Kinugawa for reporting)

v 2.6.8.24rc1
=========================================================================
x [XSS] Fixed subtle bug in regular expression literals stripping
optimization, potentially causing false negatives in edge cases (thanks
Masato Kinugawa for reporting)

v 2.6.8.23rc1
=========================================================================
x Work-around for Firefox bug causing popup.hidePopup() to fail sometimes
and NoScript's on-hover menu needing a click to be closed

Version 2.6.8.24rc3 525.9 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.24rc3
=========================================================================
x [XSS] Fixed characters redundancy reduction bug (thanks Masato Kinugawa
for reporting)

v 2.6.8.24rc2
=========================================================================
x [XSS] Fixed typo in the new regular expression literals stripping
routine implementation (thanks Masato Kinugawa for reporting)

v 2.6.8.24rc1
=========================================================================
x [XSS] Fixed subtle bug in regular expression literals stripping
optimization, potentially causing false negatives in edge cases (thanks
Masato Kinugawa for reporting)

Version 2.6.8.24rc2 525.7 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.24rc2
=========================================================================
x [XSS] Fixed typo in the new regular expression literals stripping
routine implementation (thanks Masato Kinugawa for reporting)

v 2.6.8.24rc1
=========================================================================
x [XSS] Fixed subtle bug in regular expression literals stripping
optimization, potentially causing false negatives in edge cases (thanks
Masato Kinugawa for reporting)

Version 2.6.8.24rc1 525.7 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.24rc1
=========================================================================
x [XSS] Fixed subtle bug in regular expression literals stripping
optimization, potentially causing false negatives in edge cases (thanks
Masato Kinugawa for reporting)

Version 2.6.8.23rc1 525.6 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.23rc1
=========================================================================
x Work-around for Firefox bug causing popup.hidePopup() to fail sometimes
and NoScript's on-hover menu needing a click to be closed

Version 2.6.8.22rc1 525.5 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.22rc1
=========================================================================
x Better algorithm for menu items ordering

Version 2.6.8.21rc2 525.5 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.21rc2
=========================================================================
x Fixed XSL check regression (thanks barbaz for reporting)
x Work-around for bug 1005552

v 2.6.8.21rc1
=========================================================================
+ [Surrogate] Gravatar dummy replacement
x [Australis] Support for reversed menu on surrogate status/addon bars

Version 2.6.8.21rc1 525.5 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.21rc1
=========================================================================
+ [Surrogate] Gravatar dummy replacement
x [Australis] Support for reversed menu on surrogate status/addon bars

Version 2.6.8.20rc3 525.5 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.20rc3
=========================================================================
x Partially restored "Allow local links" functionality (works for HTML
file:// links but not for embedded resources and scripted loads)
+ "allowLocalLinks.from" about:config preference to define a whitelist
(in ABE URL pattern list syntax) which, if valid and not empty,
overrides the JavaScript whitelist which is reused by legacy default
for pages allowed to open file:// links (Gecko 28 and above)
+ "allowLocalLinks.to" about:config preference to define a whitelist
(in ABE URL pattern list syntax) which, if valid and not empty,
limits the file:// links which can be opened by allowed pages
(Gecko 28 and above)
- Removed "Allow rich text copy and paste from external clipboard" option
from the UI if the browser doesn't support CAPS (Gecko 28 and above)

v 2.6.8.20rc2
=========================================================================
x Implemented early permission changes enforcement on not yet reloaded
pages, to better match the old CAPS-based behavior (thanks therube
for reporting)

v 2.6.8.20rc1
=========================================================================
x [Surrogates] Fixed Google Analytics surrogate breaking some javascript:
links (thanks Will for reporting)
x [L18n] Fixed Finnish typo (thanks Kalle Niemitalo for reporting)
x [XSS] Removed OAuth-triggered false positive (thanks Gunnar Scherf for
reporting)
x [XSS] Stricter checks for HTTPS requests from a same domain origin with
different scheme (thanks LouiseRBaldwin for reporting)

Version 2.6.8.20rc2 524.8 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.20rc2
=========================================================================
x Implemented early permission changes enforcement on not yet reloaded
pages, to better match the old CAPS-based behavior (thanks therube
for reporting)

v 2.6.8.20rc1
=========================================================================
x [Surrogates] Fixed Google Analytics surrogate breaking some javascript:
links (thanks Will for reporting)
x [L18n] Fixed Finnish typo (thanks Kalle Niemitalo for reporting)
x [XSS] Removed OAuth-triggered false positive (thanks Gunnar Scherf for
reporting)
x [XSS] Stricter checks for HTTPS requests from a same domain origin with
different scheme (thanks LouiseRBaldwin for reporting)

Version 2.6.8.20rc1 525.0 KiB Funktioniert mit Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.20rc1
=========================================================================
x [Surrogates] Fixed Google Analytics surrogate breaking some javascript:
links (thanks Will for reporting)
x [L18n] Fixed Finnish typo (thanks Kalle Niemitalo for reporting)
x [XSS] Removed OAuth-triggered false positive (thanks Gunnar Scherf for
reporting)
x [XSS] Stricter checks for HTTPS requests from a same domain origin with
different scheme (thanks LouiseRBaldwin for reporting)

Version 2.6.8.19rc2 524.8 KiB Funktioniert mit Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.19rc2
=========================================================================
x Fixed CAPS initialization broken in Gecko 27 and below

v 2.6.8.19rc1
=========================================================================
x Fixed wildcard port matching broken in Gecko 28 and below

Version 2.6.8.19rc1 525.0 KiB Funktioniert mit Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.19rc1
=========================================================================
x Fixed wildcard port matching broken in Gecko 28 and below

Version 2.6.8.18rc2 524.7 KiB Funktioniert mit Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.18rc2
=========================================================================
x Fixed some bookmarklets being broken by Gecko 28
x [Surrogate] Fixed some surrogates being broken by Gecko 28
- Disabled CAPS-based script blocking for Gecko 28 and above

v 2.6.8.18rc1
=========================================================================
x Fixed XSLT blocking broken by recent Gecko changes (thanks Xenos for
reporting)

Version 2.6.8.18rc1 524.6 KiB Funktioniert mit Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

Version 2.6.8.17rc1 524.5 KiB Funktioniert mit Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.17rc1
=========================================================================
x CSS tweak for Australis support (thanks Jared Wein)
x Fixed new bookmarklet execution module accidentally using X rays
wrappers and therefore failing to interact with expando variables

Version 2.6.8.16rc4 524.5 KiB Funktioniert mit Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.16rc4
=========================================================================
x Closing a placeholder doesn't collapse its space anymore, unless the
noscript.placeholderCollapseOnClose is set to true or the "Collapse
blocked objects" Embeddings option is checked (thanks Elmart for RFE)

v 2.6.8.16rc3
=========================================================================
x Further bookmarklet emulation improvements yet (thanks porl for RFEs)

v 2.6.8.16rc2
=========================================================================
x Further bookmarklet emulation improvements (thanks porl for testbed)

v 2.6.8.16rc1
=========================================================================
x More faithful bookmarklet corner-cases emulation

Version 2.6.8.16rc3 524.4 KiB Funktioniert mit Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.16rc3
=========================================================================
x Further bookmarklet emulation improvements yet (thanks porl for RFEs)

v 2.6.8.16rc2
=========================================================================
x Further bookmarklet emulation improvements (thanks porl for testbed)

v 2.6.8.16rc1
=========================================================================
x More faithful bookmarklet corner-cases emulation

Version 2.6.8.16rc2 524.8 KiB Funktioniert mit Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.16rc2
=========================================================================
x Further bookmarklet emulation improvements (thanks porl for testbed)

v 2.6.8.16rc1
=========================================================================
x More faithful bookmarklet corner-cases emulation