AMO is getting a new look. Would you like to see it?

Visit the new site

Close

NoScript Security Suite Version History

690 versions

Be careful with old versions!

These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.

Version 2.6.8.12rc3 524.1 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.12rc3
=========================================================================
x Work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=958962

v 2.6.8.12rc21
=========================================================================
x Fixed one-time this.getSite() error on startup
+ Browser Console support
x [Locale] Updated fr (thanks Jack Black)

v 2.6.8.12rc1
=========================================================================
x Fixed feed reader broken on non-whitelisted sites in non-stable Firefox
(thanks LouCypher for reporting)

Version 2.6.8.12rc2 523.8 KiB Works with Firefox 3.0.9 - 30.0, SeaMonkey 2.0 - 2.27

v 2.6.8.12rc2
=========================================================================
x Fixed one-time this.getSite() error on startup
+ Browser Console support
x [Locale] Updated fr (thanks Jack Black)

v 2.6.8.12rc1
=========================================================================
x Fixed feed reader broken on non-whitelisted sites in non-stable Firefox
(thanks LouCypher for reporting)

Version 2.6.8.12rc1 523.7 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.12rc1
=========================================================================
x Fixed feed reader broken on non-whitelisted sites in non-stable Firefox
(thanks LouCypher for reporting)

Version 2.6.8.11rc10 523.8 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc10
=========================================================================
x [XSS] Fixed new inline script blocking approach (in Firefox Nightly)
not triggering NOSCRIPT element fallbacks

v 2.6.8.11rc9
=========================================================================
x [XSS] Fixed nested URL parsing optimization bug (thanks Masato Kinugawa
for reporting)

v 2.6.8.11rc8
=========================================================================
x [XSS] Abort, rather than filter, potential charset-based attacks (
thanks Masato Kinugawa for reporting)
x [XSS] Improved Ebay compatibility (thanks Markus Wienand for reporting)

v 2.6.8.11rc7
=========================================================================
x [XSS] Fixed bad charset check regression from rc6 (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc6
=========================================================================
x [XSS] Fixed bad charset checks not honoring exceptions (thanks Masato
Kinugawa for reporting)
x Adopted the Components.utils.blockScriptForGlobal() API where possible

v 2.6.8.11rc5
=========================================================================
x [XSS] Further improvements in recursive link checks (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc4
=========================================================================
x [XSS] Better checks for combined data/javascript URIs (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc3
=========================================================================
x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc2
=========================================================================
x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)

Version 2.6.8.11rc9 523.7 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc9
=========================================================================
x [XSS] Fixed nested URL parsing optimization bug (thanks Masato Kinugawa
for reporting)

v 2.6.8.11rc8
=========================================================================
x [XSS] Abort, rather than filter, potential charset-based attacks (
thanks Masato Kinugawa for reporting)
x [XSS] Improved Ebay compatibility (thanks Markus Wienand for reporting)

v 2.6.8.11rc7
=========================================================================
x [XSS] Fixed bad charset check regression from rc6 (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc6
=========================================================================
x [XSS] Fixed bad charset checks not honoring exceptions (thanks Masato
Kinugawa for reporting)
x Adopted the Components.utils.blockScriptForGlobal() API where possible

v 2.6.8.11rc5
=========================================================================
x [XSS] Further improvements in recursive link checks (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc4
=========================================================================
x [XSS] Better checks for combined data/javascript URIs (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc3
=========================================================================
x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc2
=========================================================================
x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)

Version 2.6.8.11rc8 523.5 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc8
=========================================================================
x [XSS] Abort, rather than filter, potential charset-based attacks (
thanks Masato Kinugawa for reporting)
x [XSS] Improved Ebay compatibility (thanks Markus Wienand for reporting)

v 2.6.8.11rc7
=========================================================================
x [XSS] Fixed bad charset check regression from rc6 (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc6
=========================================================================
x [XSS] Fixed bad charset checks not honoring exceptions (thanks Masato
Kinugawa for reporting)
x Adopted the Components.utils.blockScriptForGlobal() API where possible

v 2.6.8.11rc5
=========================================================================
x [XSS] Further improvements in recursive link checks (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc4
=========================================================================
x [XSS] Better checks for combined data/javascript URIs (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc3
=========================================================================
x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc2
=========================================================================
x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)

Version 2.6.8.11rc7 523.2 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

Version 2.6.8.11rc6 523.2 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc6
=========================================================================
x [XSS] Fixed bad charset checks not honoring exceptions (thanks Masato
Kinugawa for reporting)
x Adopted the Components.utils.blockScriptForGlobal() API where possible

v 2.6.8.11rc5
=========================================================================
x [XSS] Further improvements in recursive link checks (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc4
=========================================================================
x [XSS] Better checks for combined data/javascript URIs (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc3
=========================================================================
x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc2
=========================================================================
x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)

Version 2.6.8.11rc5 523.0 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc5
=========================================================================
x [XSS] Further improvements in recursive link checks (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc4
=========================================================================
x [XSS] Better checks for combined data/javascript URIs (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc3
=========================================================================
x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc2
=========================================================================
x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)

Version 2.6.8.11rc4 523.1 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc4
=========================================================================
x [XSS] Better checks for combined data/javascript URIs (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc3
=========================================================================
x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc2
=========================================================================
x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)

Version 2.6.8.11rc3 523.2 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc3
=========================================================================
x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
Kinugawa for reporting)

v 2.6.8.11rc2
=========================================================================
x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)

Version 2.6.8.11rc2 523.0 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc2
=========================================================================
x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)

Version 2.6.8.11rc1 523.0 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.11rc1
=========================================================================
x [XSS] Stricter HTML checks on second-order data URI injections exactly
fitting whole URL attributes (thanks Masato Kinugawa for reporting)

Version 2.6.8.10rc1 523.0 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

Version 2.6.8.9rc5 523.0 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.9rc5
=========================================================================
x [XSS] Stricter HTML checks (thanks Masato Kinugawa for reporting)
x [ClearClick] Exception to cope with Youtube's Google+ comments

v 2.6.8.9rc4
=========================================================================
x [XSS] Better data: URI detection (thanks Masato Kinugawa for reporting)

v 2.6.8.9rc3
=========================================================================
x [XSS] Improved pure HTML checks (thanks Masato Kinugawa for reporting)

v 2.6.8.9rc2
=========================================================================
x [XSS] Better fix for InjectionChecker tolerance bug (thanks Masato
Kinugawa for reporting)

v 2.6.8.9rc1
=========================================================================
x [XSS] Fixed InjectionChecker tolerance bug (thanks Masato Kinugawa for
reporting)
x [XSS] Improved sanitization

Version 2.6.8.9rc4 522.8 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.9rc4
=========================================================================
x [XSS] Better data: URI detection (thanks Masato Kinugawa for reporting)

v 2.6.8.9rc3
=========================================================================
x [XSS] Improved pure HTML checks (thanks Masato Kinugawa for reporting)

v 2.6.8.9rc2
=========================================================================
x [XSS] Better fix for InjectionChecker tolerance bug (thanks Masato
Kinugawa for reporting)

v 2.6.8.9rc1
=========================================================================
x [XSS] Fixed InjectionChecker tolerance bug (thanks Masato Kinugawa for
reporting)
x [XSS] Improved sanitization

Version 2.6.8.9rc3 523.0 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.9rc3
=========================================================================
x [XSS] Improved pure HTML checks (thanks Masato Kinugawa for reporting)

v 2.6.8.9rc2
=========================================================================
x [XSS] Better fix for InjectionChecker tolerance bug (thanks Masato
Kinugawa for reporting)

v 2.6.8.9rc1
=========================================================================
x [XSS] Fixed InjectionChecker tolerance bug (thanks Masato Kinugawa for
reporting)
x [XSS] Improved sanitization

Version 2.6.8.9rc2 522.9 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.9rc2
=========================================================================
x [XSS] Better fix for InjectionChecker tolerance bug (thanks Masato
Kinugawa for reporting)

v 2.6.8.9rc1
=========================================================================
x [XSS] Fixed InjectionChecker tolerance bug (thanks Masato Kinugawa for
reporting)
x [XSS] Improved sanitization

Version 2.6.8.9rc1 523.0 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.9rc1
=========================================================================
x [XSS] Fixed InjectionChecker tolerance bug (thanks Masato Kinugawa for
reporting)
x [XSS] Improved sanitization

Version 2.6.8.8rc2 522.8 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.8rc2
=========================================================================
+ Enforce docShell-based script blocking for Gecko > 28

v 2.6.8.8rc1
=========================================================================
+ [Surrogate] addthis.com widget emulation (thanks Mathnerd314)

Version 2.6.8.8rc1 522.7 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.8rc1
=========================================================================
+ [Surrogate] addthis.com widget emulation (thanks Mathnerd314)

Version 2.6.8.7rc4 522.7 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.7rc4
=========================================================================
x Fixed performance regression in request identity tracking (thanks
cumdacon and nospamboz for reporting)

v 2.6.8.7rc3
=========================================================================
+ Protection against new SQLXSSI obfuscation techinques (thanks Alex
Inführ for reporting)

v 2.6.8.7rc2
=========================================================================
x Fixed noscript.allowedMimeRegExp ignoring the FONT pseudo-type take 2
(thanks barbaz for reporting)

v 2.6.8.7rc1
=========================================================================
x Fixed noscript.allowedMimeRegExp ignoring the FONT pseudo-type (thanks
barbaz for reporting)

Version 2.6.8.7rc2 522.4 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.7rc2
=========================================================================
x Fixed noscript.allowedMimeRegExp ignoring the FONT pseudo-type take 2
(thanks barbaz for reporting)

Version 2.6.8.7rc1 522.5 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.7rc1
=========================================================================
x Fixed noscript.allowedMimeRegExp ignoring the FONT pseudo-type
(thanks barbaz for reporting)

Version 2.6.8.6rc2 522.6 KiB Works with Firefox 3.0.9 - 29.0, SeaMonkey 2.0 - 2.26

v 2.6.8.6rc2
=========================================================================
x Fixed bugs in noscript.allowedMimeRegExp support (thanks barbaz for
reporting)
x [ABE] Fixed increased asynchronicity in Gecko's network processing
causing intermittent failures (thanks barbaz and al_9x for reporting)

v 2.6.8.6rc1
=========================================================================
x [Surrogate] Fixed bug in asynchronous Google Analytics API emulation
(thanks Lucas Malor for reporting)
x Fixed missing icon for blocked objects when no script is present in the
page and scrips are globally allowed

Version 2.6.8.6rc1 522.5 KiB Works with Firefox 3.0.9 - 28.0, SeaMonkey 2.0 - 2.25

v 2.6.8.6rc1
=========================================================================
x [Surrogate] Fixed bug in asynchronous Google Analytics API emulation
(thanks Lucas Malor for reporting)
x Fixed missing icon for blocked objects when no script is present in the
page and scrips are globally allowed

Version 2.6.8.5rc2 522.3 KiB Works with Firefox 3.0.9 - 28.0, SeaMonkey 2.0 - 2.25

v 2.6.8.5rc2
=========================================================================
x [ClearClick] Fixed empty contentEditable elements cannot receive
keyboard events in cross-site frames (breaking latest Youtube comments)
x [XSS] Fixed false positive on redirected script inclusions (breaking
Stripe payments on Humblebundle, thanks ableeker for reporting)

Version 2.6.8.5rc1 522.5 KiB Works with Firefox 3.0.9 - 28.0, SeaMonkey 2.0 - 2.25

v 2.6.8.5rc1
=========================================================================
x [Surrogate] Better GA, GAPI, Twitter and Facebook compatibility

Version 2.6.8.4rc3 522.5 KiB Works with Firefox 3.0.9 - 28.0, SeaMonkey 2.0 - 2.25

v 2.6.8.4rc3
=========================================================================
x Fixed shortcut bookmarklet execution requiring noscript.allowURLBarJS
preference to be true on Firefox 25 beta (thanks ivank for report)

v 2.6.8.4rc2
=========================================================================
x [Surrogate] Better emulation of for Google Analytics asynchronous
tracking (for instance, fixes GMail's "Sign in" link)
x [ClearClick] Fixed exception being thrown on Firefox 27 alpha (Nightly)
x Fixed URL bar enhancements broken by Firefox 25 beta

v 2.6.8.4rc1
=========================================================================
x Fixed SetVariable/GetVariable failing on dynamically created Flash
elements, e.g. with SFWObject (thanks longsleep for reporting)

Version 2.6.8.4rc2 522.3 KiB Works with Firefox 3.0.9 - 28.0, SeaMonkey 2.0 - 2.25

v 2.6.8.4rc2
=========================================================================
x [Surrogate] Better emulation of for Google Analytics asynchronous
tracking (for instance, fixes GMail's "Sign in" link)
x [ClearClick] Fixed exception being thrown on Firefox 27 alpha (Nightly)
x Fixed URL bar enhancements broken by Firefox 25 beta

v 2.6.8.4rc1
=========================================================================
x Fixed SetVariable/GetVariable failing on dynamically created Flash
elements, e.g. with SFWObject (thanks longsleep for reporting)