AMO is getting a new look. Would you like to see it?

Visit the new site

Close

NoScript Security Suite Version History

686 versions

Be careful with old versions!

These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.

Version 2.6.8.21rc2 525.5 KiB Works with Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.21rc2
=========================================================================
x Fixed XSL check regression (thanks barbaz for reporting)
x Work-around for bug 1005552

v 2.6.8.21rc1
=========================================================================
+ [Surrogate] Gravatar dummy replacement
x [Australis] Support for reversed menu on surrogate status/addon bars

Version 2.6.8.21rc1 525.5 KiB Works with Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.21rc1
=========================================================================
+ [Surrogate] Gravatar dummy replacement
x [Australis] Support for reversed menu on surrogate status/addon bars

Version 2.6.8.20rc3 525.5 KiB Works with Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.20rc3
=========================================================================
x Partially restored "Allow local links" functionality (works for HTML
file:// links but not for embedded resources and scripted loads)
+ "allowLocalLinks.from" about:config preference to define a whitelist
(in ABE URL pattern list syntax) which, if valid and not empty,
overrides the JavaScript whitelist which is reused by legacy default
for pages allowed to open file:// links (Gecko 28 and above)
+ "allowLocalLinks.to" about:config preference to define a whitelist
(in ABE URL pattern list syntax) which, if valid and not empty,
limits the file:// links which can be opened by allowed pages
(Gecko 28 and above)
- Removed "Allow rich text copy and paste from external clipboard" option
from the UI if the browser doesn't support CAPS (Gecko 28 and above)

v 2.6.8.20rc2
=========================================================================
x Implemented early permission changes enforcement on not yet reloaded
pages, to better match the old CAPS-based behavior (thanks therube
for reporting)

v 2.6.8.20rc1
=========================================================================
x [Surrogates] Fixed Google Analytics surrogate breaking some javascript:
links (thanks Will for reporting)
x [L18n] Fixed Finnish typo (thanks Kalle Niemitalo for reporting)
x [XSS] Removed OAuth-triggered false positive (thanks Gunnar Scherf for
reporting)
x [XSS] Stricter checks for HTTPS requests from a same domain origin with
different scheme (thanks LouiseRBaldwin for reporting)

Version 2.6.8.20rc2 524.8 KiB Works with Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.20rc2
=========================================================================
x Implemented early permission changes enforcement on not yet reloaded
pages, to better match the old CAPS-based behavior (thanks therube
for reporting)

v 2.6.8.20rc1
=========================================================================
x [Surrogates] Fixed Google Analytics surrogate breaking some javascript:
links (thanks Will for reporting)
x [L18n] Fixed Finnish typo (thanks Kalle Niemitalo for reporting)
x [XSS] Removed OAuth-triggered false positive (thanks Gunnar Scherf for
reporting)
x [XSS] Stricter checks for HTTPS requests from a same domain origin with
different scheme (thanks LouiseRBaldwin for reporting)

Version 2.6.8.20rc1 525.0 KiB Works with Firefox 3.0.9 - 32.0, SeaMonkey 2.0 - 2.29

v 2.6.8.20rc1
=========================================================================
x [Surrogates] Fixed Google Analytics surrogate breaking some javascript:
links (thanks Will for reporting)
x [L18n] Fixed Finnish typo (thanks Kalle Niemitalo for reporting)
x [XSS] Removed OAuth-triggered false positive (thanks Gunnar Scherf for
reporting)
x [XSS] Stricter checks for HTTPS requests from a same domain origin with
different scheme (thanks LouiseRBaldwin for reporting)

Version 2.6.8.19rc2 524.8 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.19rc2
=========================================================================
x Fixed CAPS initialization broken in Gecko 27 and below

v 2.6.8.19rc1
=========================================================================
x Fixed wildcard port matching broken in Gecko 28 and below

Version 2.6.8.19rc1 525.0 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.19rc1
=========================================================================
x Fixed wildcard port matching broken in Gecko 28 and below

Version 2.6.8.18rc2 524.7 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.18rc2
=========================================================================
x Fixed some bookmarklets being broken by Gecko 28
x [Surrogate] Fixed some surrogates being broken by Gecko 28
- Disabled CAPS-based script blocking for Gecko 28 and above

v 2.6.8.18rc1
=========================================================================
x Fixed XSLT blocking broken by recent Gecko changes (thanks Xenos for
reporting)

Version 2.6.8.18rc1 524.6 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

Version 2.6.8.17rc1 524.5 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.17rc1
=========================================================================
x CSS tweak for Australis support (thanks Jared Wein)
x Fixed new bookmarklet execution module accidentally using X rays
wrappers and therefore failing to interact with expando variables

Version 2.6.8.16rc4 524.5 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.16rc4
=========================================================================
x Closing a placeholder doesn't collapse its space anymore, unless the
noscript.placeholderCollapseOnClose is set to true or the "Collapse
blocked objects" Embeddings option is checked (thanks Elmart for RFE)

v 2.6.8.16rc3
=========================================================================
x Further bookmarklet emulation improvements yet (thanks porl for RFEs)

v 2.6.8.16rc2
=========================================================================
x Further bookmarklet emulation improvements (thanks porl for testbed)

v 2.6.8.16rc1
=========================================================================
x More faithful bookmarklet corner-cases emulation

Version 2.6.8.16rc3 524.4 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.16rc3
=========================================================================
x Further bookmarklet emulation improvements yet (thanks porl for RFEs)

v 2.6.8.16rc2
=========================================================================
x Further bookmarklet emulation improvements (thanks porl for testbed)

v 2.6.8.16rc1
=========================================================================
x More faithful bookmarklet corner-cases emulation

Version 2.6.8.16rc2 524.8 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.16rc2
=========================================================================
x Further bookmarklet emulation improvements (thanks porl for testbed)

v 2.6.8.16rc1
=========================================================================
x More faithful bookmarklet corner-cases emulation

Version 2.6.8.16rc1 524.5 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.16rc1
=========================================================================
x More faithful bookmarklet corner-cases emulation

Version 2.6.8.15rc6 524.5 KiB Works with Firefox 3.0.9 - 31.0, SeaMonkey 2.0 - 2.28

v 2.6.8.15rc6
=========================================================================
x [Surrogate] Fixed bug preventing local filesystem replacements
(file:/// URLs) from being loaded
x [Surrogate] Fixed Surrogate sandbox being nuked and causing many web
pages to break

Version 2.6.8.15rc4 523.8 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.15rc4
=========================================================================
x [Surrogate] Fixed regression: some surrogates not being correctly
initialized (thanks barbaz for reporting)

v 2.6.8.15rc3
=========================================================================
x [Surrogate] Fixed replacements not being parsed as Unicode text

v 2.6.8.15rc2
=========================================================================
x Fixed listeners and timers in sandboxed non-whitelisted scripts on
Gecko 27 and above

v 2.6.8.15rc1
=========================================================================
x Work-around for Firefox 27 and above preventing bookmarklets from
attaching event listeners on non-whitelisted pages (thanks porl for
reporting)

Version 2.6.8.15rc3 524.0 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.15rc3
=========================================================================
x [Surrogate] Fixed replacements not being parsed as Unicode text

v 2.6.8.15rc2
=========================================================================
x Fixed listeners and timers in sandboxed non-whitelisted scripts on
Gecko 27 and above

v 2.6.8.15rc1
=========================================================================
x Work-around for Firefox 27 and above preventing bookmarklets from
attaching event listeners on non-whitelisted pages (thanks porl for
reporting)

Version 2.6.8.15rc5 524.6 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

Version 2.6.8.15rc2 523.8 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.15rc2
=========================================================================
x Fixed listeners and timers in sandboxed non-whitelisted scripts on
Gecko 27 and above

v 2.6.8.15rc1
=========================================================================
x Work-around for Firefox 27 and above preventing bookmarklets from
attaching event listeners on non-whitelisted pages (thanks porl for
reporting)

Version 2.6.8.14rc2 523.9 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

Version 2.6.8.15rc1 524.0 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.15rc1
=========================================================================
x Work-around for Firefox 27 and above preventing bookmarklets from
attaching event listeners on non-whitelisted pages (thanks porl for
reporting)

Version 2.6.8.14rc1 523.7 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.14rc1
=========================================================================
x [ABE] Improved compatibility with .local domains (thanks func0der for
reporting)

Version 2.6.8.13rc3 523.8 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.13rc3
=========================================================================
x Restored z-order mobility for options dialog on Linux (thanks barbaz
for RFE)

v 2.6.8.13rc2
=========================================================================
x Moved ClearClick options into their own "Advanced" sub-tab (thanks
Thrawn for RFE)
x Minor options dialog tweakings
- Removed External Filters options panel

v 2.6.8.13rc1
=========================================================================
x The option dialog is non-modal and recycled now (thanks barbaz for RFE)

Version 2.6.8.13rc2 523.9 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.13rc2
=========================================================================
x Moved ClearClick options into their own "Advanced" sub-tab (thanks
Thrawn for RFE)
x Minor options dialog tweakings
- Removed External Filters options panel

Version 2.6.8.13rc1 524.2 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.13rc1
=========================================================================
x The option dialog is non-modal and recycled now (thanks barbaz for RFE)

Version 2.6.8.12rc4 524.1 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.12rc4
=========================================================================
x Improved work-around for
https://bugzilla.mozilla.org/show_bug.cgi?id=958962
+ [Surrogate] Prevent blank ModPagespeed-patched pages when meta refresh
inside NOSCRIPT elements is blocked (thanks thunderscript and barbaz)

v 2.6.8.12rc3
=========================================================================
x Work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=958962

v 2.6.8.12rc2
=========================================================================
x Fixed one-time this.getSite() error on startup
+ Browser Console support
x [Locale] Updated fr (thanks Jack Black)

v 2.6.8.12rc1
=========================================================================
x Fixed feed reader broken on non-whitelisted sites in non-stable Firefox
(thanks LouCypher for reporting)

Version 2.6.8.12rc3 524.1 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.12rc3
=========================================================================
x Work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=958962

v 2.6.8.12rc21
=========================================================================
x Fixed one-time this.getSite() error on startup
+ Browser Console support
x [Locale] Updated fr (thanks Jack Black)

v 2.6.8.12rc1
=========================================================================
x Fixed feed reader broken on non-whitelisted sites in non-stable Firefox
(thanks LouCypher for reporting)

Version 2.6.8.12rc2 523.8 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.12rc2
=========================================================================
x Fixed one-time this.getSite() error on startup
+ Browser Console support
x [Locale] Updated fr (thanks Jack Black)

v 2.6.8.12rc1
=========================================================================
x Fixed feed reader broken on non-whitelisted sites in non-stable Firefox
(thanks LouCypher for reporting)

Version 2.6.8.12rc1 523.7 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.12rc1
=========================================================================
x Fixed feed reader broken on non-whitelisted sites in non-stable Firefox
(thanks LouCypher for reporting)

Version 2.6.8.11rc10 523.8 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc10
=========================================================================
x [XSS] Fixed new inline script blocking approach (in Firefox Nightly)
not triggering NOSCRIPT element fallbacks

v 2.6.8.11rc9
=========================================================================
x [XSS] Fixed nested URL parsing optimization bug (thanks Masato Kinugawa
for reporting)

v 2.6.8.11rc8
=========================================================================
x [XSS] Abort, rather than filter, potential charset-based attacks (
thanks Masato Kinugawa for reporting)
x [XSS] Improved Ebay compatibility (thanks Markus Wienand for reporting)

v 2.6.8.11rc7
=========================================================================
x [XSS] Fixed bad charset check regression from rc6 (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc6
=========================================================================
x [XSS] Fixed bad charset checks not honoring exceptions (thanks Masato
Kinugawa for reporting)
x Adopted the Components.utils.blockScriptForGlobal() API where possible

v 2.6.8.11rc5
=========================================================================
x [XSS] Further improvements in recursive link checks (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc4
=========================================================================
x [XSS] Better checks for combined data/javascript URIs (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc3
=========================================================================
x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc2
=========================================================================
x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)