Firefox Browser Add-ons
  • Explore
  • Extensions
  • Themes
    • for Firefox
    • Dictionaries & Language Packs
    • Search Tools
    • Other Browser Sites
    • Add-ons for Android
Extension WorkshopDeveloper HubDownload FirefoxRegister or Sign In
Add-on icon

NoScript Security Suite version history - 25 versions

NoScript Security Suiteby Giorgio Maone

Rated 4.4 out of 5
4.4 Stars out of 5
NoScript Security Suite version history - 25 versions
  • Be careful with old versions! These versions are displayed for testing and reference purposes.

    You should always use the latest version of an add-on.

  • Latest version

    Version 11.0.9

    Released Nov 19, 2019 - 558.61 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 11.0.9
    ============================================================
    x [Chromium] Prevent duplicated MSE placeholders (e.g. on
    Youtube)
    x Fixed external scripts included in HEAD of file:// pages
    failing (issue #115)
    x [XSS] Updated HTML 5 events inventory
    x Best effort to make media placeholders visible and
    clickable
    x Placeholders for MSE on Chromium too
    x Use invalid IP rather than domain name to prevent offline
    status from breaking sync messaging in Chromium
    x Removed empty exportFunction() Chromium shim
    x Updated TLDs

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Older versions

    Version 11.0.8

    Released Nov 7, 2019 - 557.58 KB
    Works with firefox 59.0 and later, android 59.0 and later
    x [L10n] Updated da, ja, lt, mk, nl
    x Fixed onionSecure setting persistence issue (Tor ticket
    #32362)
    x Fixed CSP DOM injection breaking XML documents rendering

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 11.0.7

    Released Nov 4, 2019 - 539.69 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 11.0.7
    ============================================================
    x Use fragments to reinsert and run previously blocked
    scripts
    x Fetch policies asynchronously for about: and javascript:
    URLs
    x Remove loop around XHR

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 11.0.6

    Released Nov 1, 2019 - 539.63 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 11.0.6
    ============================================================
    x Compute the correct origin for the policy to be fetched
    from about:blank and javascript: URLs
    x Work-around for Youtube video elements positioned
    off-display at replacement time
    x Version numbers for Chromium dev builds compatible with
    Chromestore requirements
    x Script blocking before policy is fetched only for
    synchronous loads
    x Make tests not to run automatically on dev mode startup
    anymore

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 11.0.4

    Released Oct 27, 2019 - 539.09 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 11.0.4
    ============================================================
    x [Tor] Treat .onion sites whose protocol is HTTP as if it
    was HTTPS
    x [Mobile] Blocked scripts count displayed in the browser
    action menu item
    x Consolidated missing endpoint error detection in Messages
    x More compatible Messages abstraction
    x Progressive count of debug messages to better trace
    asynchronous execution
    x [XSS] Fixed false positive (property assignment)
    x Fixed typo causing initializing promise not being cached
    x Avoid unnecessary page reloads on extension updates
    x Fixed undefined variable error when in debugging mode
    x [Tor] Display .onion sites as "secure" in the UI (tickets
    #27313 and #27307)
    x Support for splitting sync storage items into chunks, to
    allow synchronization of big policies across devices
    x IPv4 subnet shortcut matching
    x Fallback to local storage for any item exceeding limits
    (fixes persistence problems on Chromium)
    x Alternate version numbering for Chromium pre-releases
    x Simplified, less noisy and more resilient Messages
    abstraction implementation (thanks barbaz for reporting)
    x Handle edge-case policy retrieval for file:// pages loaded
    by session restore on startup and alike
    x Improved Chromium development-build workflow
    x Fix CSP violation reporting management of "fake"
    blocked-uri like "eval"
    x Recursive webgl context monkeypatching across same origin
    windows (thanks skriptimaahinen for concept and patch)
    x Replaced cookie-based hacks with synchronous messaging
    (currently shimmed) to retrieve fallback and
    per-tab restriction policies
    x Work-around for Chromium not supporting frameAncestors
    in webRequest
    x [L10n] Updated Transifex-managed ca, da, it, nl, ru, sv_SE
    x [XSS] Updated HTML5 events
    x Updated TLDs
    x Fixed "Cascade top document restrictions" option not always
    applied to embedded elements (thanks barbaz for reporting)
    x Removed XSS prompt for timeouts

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 11.0.3

    Released Aug 19, 2019 - 535.65 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 11.0.3
    =============================================================
    x [Tor] Work-around for prompts being huge when
    resistFingerprinting is enabled
    x [XSS] Fixed false positives due to overzealous HTML
    attribute checking
    x [XSS] Enabled InjectionChecker logging when debugging mode
    is on
    x Work-around for browser.i18n.getMessage() API in content
    scripts giving away browser's real locale (Tor issue #31287)
    x Updated TLDs
    x [L10n] Updated Transifex-managed he, is, nb, ru, sq, zh_TW

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 11.0.2

    Released Jul 25, 2019 - 535.21 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 11.0.2
    =============================================================
    + Restored "classic" pasted HTML sanitization feature, Now
    triggered by drag'n'drop too (thanks barbaz for patch)
    x Fixed bug in browser type detection by content scripts (
    thanks barbaz)
    + Added "Collapse blocked objects" option in Blocked Objects
    prompt
    x Fixed corner case when application/* content types should
    match "media" rather than "object" (thanks skriptimaahinen
    for reporting)
    x Replacement clicks are now intercepted even if a content
    placeholder is obstructed by an overlay
    x More graceful handling of chrome: origins (thanks
    skriptimaahinen for reporting)
    x CSP building optimizations
    x Updated TLDs.
    x [L10n] Updated Transifex-managed locales br, de, it, ms,
    nl, ru, tr, nb, sv_SE and zh_CN

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 11.0

    Released Jun 24, 2019 - 533.93 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 11.0
    =============================================================
    x [XSS] Fixed false positives with parameters named "src"
    x Static click-to-play placeholders
    + [L10n] New da, is, pl, sq, zh_TW Transifex-managed locales
    x [L10n] Updated sv_SE Transifex-managed locale

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.6.3

    Released Jun 15, 2019 - 506.44 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.6.3
    =============================================================
    x Multiple fixes in embeddings replacement (thanks barbaz
    for reporting)
    x Fixed [Import] settings button on Android
    x [XSS] JSON reduction optimizations
    x [XSS] XSS checks performance improvements play nicer with
    resistFingerprinting
    x [XSS] Fully asynchronous InjectionChecker, prevents freezes
    on heavy payloads
    x Skip page autoreloads on transitions between temporary and
    permanent presets of the same kind
    x Updated TLDs

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.6.2

    Released May 22, 2019 - 504.48 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.6.2
    =============================================================
    x Removed work-around for https://bugzil.la/1532530 (now
    fixed and backported to the Tor Browser too)
    x Fixed media.mediasource.enabled breakage (thanks
    skriptimaahinen for patch)
    x Reference internal pages as absolute URLs for Chromium
    compatibility
    x Updated TLDs
    x [Locale] Updated Transifex-managed locales (es, ms, tr)

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.6.1

    Released Apr 10, 2019 - 507.54 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.6.1
    =============================================================
    x Make RequestGuard's header processing synchronous as needed
    x Fixed inconsistencies handling browser-internal URLs
    x Fixed resetting options works just once per session
    (defaults reference current settings) - issue #69
    x [Locale] Updated Transifex-managed locales (de, fr, it, tr,
    nl)

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.6

    Released Apr 7, 2019 - 507.83 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.6
    =============================================================
    x Limit wrappedJSObject usages to compatible browsers
    x [Chromium] Merged chromium branch (unified code base)
    x [Locale] Updated Transifex-managed locales
    x Updated TLDs

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.2.5

    Released Mar 24, 2019 - 490.81 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.2.5
    =============================================================
    x [XSS] Improved detection of privileged origins (fixes an
    about:tor to DuckDuckGo false positive)

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.2.4

    Released Mar 20, 2019 - 490.77 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.2.4
    =============================================================
    x Improved prompts layout (thanks Ton for suggestion)
    x Improved unscanned POST blocking

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.2.3

    Released Mar 19, 2019 - 490.72 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.2.3
    =============================================================
    x [l10n] Updated Transifex-managed locales
    x Fixed POST searches from the url bar causing XSS warnings
    x Fixed popup top buttons not visible in high contrast
    appearance mode (thanks pjaworski for reporting)
    x Optimized popup layout initialization

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.2.2

    Released Mar 17, 2019 - 490.64 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.2.2
    =============================================================
    x [L10n] Updated Transifex-managed locales
    + Cascading top document's restrictions to subdocuments is now
    an option in the General section and defaults to true on
    the Tor Browser only
    + "Scan uploads for potential cross-site attacks" and "Ask
    confirmation for cross-site POST requests which could not
    be scanned" options: in Tor Browser default false and true,
    respectively, as a work-around for mozbug 1532530
    + [Tor] "Override Tor Browser Security Level preset" option
    + [Tor] Selective handling of Tor Browser specific settings
    x Updated TLDs
    x [XSS] Updated event names
    x Safer cookie-less check for unrestricted tabs from subdocs
    x [Build] Easier version bumps to next rc (build.sh bump rcX)
    x Fixed unrestricted tabs not affecting about:blank subframes
    (issue #48, thanks musonius for reporting)
    x [XSS] Updated known HTML events lists
    + [Locale] Added sv_SE (by Jonatan Nyberg)

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.2.1

    Released Dec 23, 2018 - 475.29 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.2.1
    =============================================================
    x Cascade top document's restrictions to subframes (Tor
    issue #28873)
    x Fixed restored media element from placeholder not loading
    previously blocked content automatically
    x Fixed placeholders missing for some blocked embeddings
    (Tor ticket #28720)

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.2.0

    Released Nov 25, 2018 - 475.11 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.2.0
    ============================================================
    x [L10n] Updated fr, he
    x Allow origin-less fetch for extensions (issue #41)
    x Fixed meta refresh inside NOSCRIPT emulation breaking
    Firefox's built-in refresh blocking
    x Fixed issue #35 "tabId is not defined" on startup
    x Darker red badge background to ensure text is kept white
    across browsers
    </pre>

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.1.9.9

    Released Oct 16, 2018 - 475.12 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.1.9.9
    =============================================================
    x Prevention of potential race condition in the new per-tab
    configuration cookie-based hack
    x Better cross-platfrom build script compatibility
    x Per-tab configuration cookie-based hack, leaves window.name
    alone
    x Various build scripts fixes

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.1.9.8

    Released Oct 6, 2018 - 475.12 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.1.9.8
    =============================================================
    x Fixed preset customization UI showing inherited DEFAULT
    permissions if a protocol-level preset exists
    x Simplified CSP HTTP header injection, avoiding report-to
    until actually supported by browsers
    x [L10n] Updated ru (thanks fatboy)
    + [Tor] Better UX for overriding protocol-level permissions
    + [Build] Option to force TLD updates
    + [L10n] Updated (es, ru) and new (el, he, ms, nb) locales
    from OTF's Localization Lab Transifex project
    + [L10n] no_BO translation by comradekingu
    + FTP directory UI emulation on script-disabled domains
    x Include ftp:// URLs in non-secure domain matching (thanks
    Rassilon for RFE)

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.1.9.6

    Released Sep 14, 2018 - 446.58 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.1.9.6
    =============================================================
    x [TB] Gracefully handle legacy external message recipients
    x [XSS] Updated known HTML5 events
    x Better IPV6 support
    x UI support for protocol-only entries

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.1.9.5

    Released Sep 9, 2018 - 446.26 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.1.9.5
    =============================================================
    x Fix for various content script timing related issues
    (thanks therube for reporting)

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.1.9.4

    Released Sep 9, 2018 - 446.37 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.1.9.4
    =============================================================
    x Prevent total breakages when policies accidentally map
    to invalid match patterns
    x Internal messaging dispatch better coping with multiple
    option windows
    x Avoid multiple CSP DOM insertions

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.1.9.3

    Released Sep 9, 2018 - 446.25 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.1.9.3
    =============================================================
    x Fixed message handling regression breaking embedders and
    causing potential internal message loops

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
  • Version 10.1.9.2

    Released Sep 8, 2018 - 446.12 KB
    Works with firefox 59.0 and later, android 59.0 and later
    v 10.1.9.2
    =============================================================
    x More efficient window.name-based tab-scoped permissions
    persistence
    x Fixed URL parsing bugs
    x Fixed bug in requestKey generation
    x [Build] Enhanced TLD data update subsystem
    + [UI] CUSTOM presets gets initialized with currently applied
    preset, including temporary/permanent status
    x Improved internal message dispatching, avoiding potential
    race conditions
    + [L10n] Transifex integration
    x Work-around for DOM-injected CSP not being honored when
    appended to the root element, rather than HEAD
    + Transparent support for FQDNs
    x Better file: protocol support
    x Full-page placeholders for media/plugin documents

    Source code released under GNU General Public License, version 2.0

    Only with Firefox—Get Firefox Now
Go to Mozilla’s homepage

Add-ons

  • About
  • Blog
  • Extension Workshop
  • Developer Hub
  • Developer Policies
  • Forum
  • Report a bug
  • Review Guide
  • Site Status

Firefox

  • Download Firefox
  • Android Browser
  • iOS Browser
  • Focus Browser
  • Desktop Browser
  • Beta, Nightly, Developer Edition
  • Twitter (@firefox)
  • Facebook (Firefox)
  • YouTube (firefoxchannel)
  • Privacy
  • Cookies
  • Legal

Except where otherwise noted, content on this site is licensed under the Creative Commons Attribution Share-Alike License v3.0 or any later version.