NoScript Security Suite Version History

665 versions

Be careful with old versions!

These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.

Version 2.6.8.41rc1 527.7 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.41rc1
=============================================================
x Improved Australis toolbar compatibility (thanks Quicksaver
for patch)
x [XSS] Fixed false positive within *.adxns.com

Version 2.6.8.40rc2 529.0 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.40rc2
=========================================================================
x Fixed regression causing script inclusions with non-standard ports to
be always blocked

v 2.6.8.40rc1
=========================================================================
x [ABE] Improved ruleset editing UI (thanks barbaz for patch)

Version 2.6.8.40rc1 528.9 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.40rc1
=========================================================================
x [ABE] Improved ruleset editing UI (thanks barbaz for patch)

Version 2.6.8.39rc2 527.2 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.39rc2
=========================================================================
x [Surrogate] Removed DARLA surrogate and reimplemented its work-around
as a XSS filter exception
x [Bookmarklets] Fixed bookmarklets broken when JavaScript is enabled
(thanks therube for reporting)

v 2.6.8.39rc1
=========================================================================
x [Surrogate] Work-around for DARLA surrogate breaking Yahoo! Mail

Version 2.6.8.39rc1 527.3 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.39rc1
=========================================================================
x [Surrogate] Work-around for DARLA surrogate breaking Yahoo! Mail

Version 2.6.8.38rc2 527.0 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.38rc2
=========================================================================
x Fixed regression preventing Youtube movies from playing

v 2.6.8.38rc1
=========================================================================
x Completed work-around for Firefox's Bug 1044351
x [Surrogate] Improved Yahoo! DARLA source matching

Version 2.6.8.38rc1 527.1 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.38rc1
=========================================================================
x Completed work-around for Firefox's Bug 1044351
x [Surrogate] Improved Yahoo! DARLA source matching

Version 2.6.8.37rc3 527.0 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.37rc3
=========================================================================
x Made the new additional script blocking policies more consistent with
other features (e.g. the XSS filter)
x NoScript's toolbar button is now friendlier to other Australis-enabled
add-ons
x Work-around for Firefox's Bug 1044351 (thanks al_9x for RFE)

v 2.6.8.37rc2
=========================================================================
x [XSS] Support for new insidious ES6 constructs introduced in Firefox 34
(thanks .mario for reporting)
x [HTTPS] Experimental "Allow HTTPS scripts globally on HTTPS documents"
mode

v 2.6.8.37rc1
=========================================================================
x [Surrogate] Yahoo! "DARLA" ads loader post-execution surrogate prevents
the browser from stalling due to the many window.name-based XSSes
intentionally used by this ads delivery script

Version 2.6.8.37rc2 526.8 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

Version 2.6.8.37rc1 526.1 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

v 2.6.8.37rc1
=========================================================================
x [Surrogate] Yahoo! "DARLA" ads loader post-execution surrogate prevents
the browser from stalling due to the many window.name-based XSSes
intentionally used by this ads delivery script

Version 2.6.8.36rc1 526.1 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

v 2.6.8.36rc1
=========================================================================
x [Surrogate] Updated adf.ly replacement (thanks kasper93 for coding)
x [Surrogate] Updated connect.facebook.net replacement
x Fixed bookmarklet emulation compatibility issue breaking some add-ons
which rely on the new getShortcutOrURIAndPostData() function signature

Version 2.6.8.35rc2 526.0 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

v 2.6.8.35rc2
=========================================================================
x Improved compatibility with browser built-in Click To Play

v 2.6.8.35rc1
=========================================================================
+ Recently blocked sites are now recorded per-window (causing automatic
oblivion of data from Private Browsing windows when they're closed)
+ Recently blocked sites are not collected at all unless the menu item
is configured to be shown (thanks Barbaz for RFE and patch)

Version 2.6.8.35rc1 541.7 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

v 2.6.8.35rc1
=========================================================================
+ Recently blocked sites are now recorded per-window (causing automatic
oblivion of data from Private Browsing windows when they're closed)
+ Recently blocked sites are not collected at all unless the menu item
is configured to be shown (thanks Barbaz for RFE and patch)

Version 2.6.8.34rc1 541.6 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

v 2.6.8.34rc1
=========================================================================
x Added "cdn.directvid.com/*.jsx" to inclusionTypeChecking.exceptions in
in order to let the directvid video player work
x Better compatibility with null principal origins created by the
Add-on SDK (thanks neilemon for reporting)

Version 2.6.8.33rc1 525.9 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

v 2.6.8.33rc1
=========================================================================
x Fixed regression in smart reloading of just allowed HTML Media elements
(thanks barbaz for reporting)

Version 2.6.8.32rc3 1.0 MiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

v 2.6.8.32rc3
=========================================================================
x Fixed regression: NOSCRIPT element not shown on non-whitelisted pages
(thanks Germán Ponte and Michael Kehrein for reporting)

v 2.6.8.32rc2
=========================================================================
x Replaced Ci.nsIDOMHTML(Video|Audio)Element (about to be removed) with
window.(Video|Audio)Element counterparts (see Moz Bug 1034304)

v 2.6.8.32rc1
=========================================================================
x Fixed jammed icon on the navigation bar when "left clicking on toolbar
icon toggles..." option is checked (thanks Larry for reporting)

Version 2.6.8.32rc2 1.0 MiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

v 2.6.8.32rc2
=========================================================================
x Replaced Ci.nsIDOMHTML(Video|Audio)Element (about to be removed) with
window.(Video|Audio)Element counterparts (see Moz Bug 1034304)

v 2.6.8.32rc1
=========================================================================
x Fixed jammed icon on the navigation bar when "left clicking on toolbar
icon toggles..." option is checked (thanks Larry for reporting)

Version 2.6.8.32rc1 525.8 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31

v 2.6.8.32rc1
=========================================================================
x Fixed jammed icon on the navigation bar when "left clicking on toolbar
icon toggles..." option is checked (thanks Larry for reporting)

Version 2.6.8.31rc1 525.8 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31a2

v 2.6.8.31rc1
=========================================================================
x Fixed a regression in bookmarklet emulation (typo spotted by al_9x)


v 2.6.8.30rc5
=========================================================================
x Updated HTML5 and Gecko-specific markup elements list
x Fixed "too much recursion" bug in bookmarklet emulation when executing
window.open(..., "_self") (thanks al_9x)

v 2.6.8.30rc4
=========================================================================
x Improved icons consistence with cascading permissions
x Fixed 2.6.8.30rc1 regression: broken local file loads

v 2.6.8.30rc3
=========================================================================
x Make "[Temporarily] Allow all this page" affect only the top-level
document's origin when cascading permissions mode is enabled

v 2.6.8.30rc2
=========================================================================
x [Surrogate] Fixed regression about a small change in sandbox principal
management breaking some surrogates, including Google Analytics

v 2.6.8.30rc1
=========================================================================
x [CAPS] better compatibility with Firefox 30's restored checkloaduri
prefs hack
+ UI support for cascadePermissions and restrictSubdocScripting
+ "NoScript Options|Advanced|Trusted|Cascade top document's permissions
to 3rd party scripts" user-facing preference
+ "NoScript Options|Advanced|Untrusted|Block scripting in whitelisted
subdocuments of non-whitelisted pages" user-facing preference
+ Backported cascadePermissions and restrictSubdocScripting support to
ESR 24

Version 2.6.8.30rc5 525.8 KiB Works with Firefox 3.0.9 - 34.0, SeaMonkey 2.0 - 2.31a2

v 2.6.8.30rc5
=========================================================================
x Updated HTML5 and Gecko-specific markup elements list
x Fixed "too much recursion" book in bookmarket emulation when executing
window.open(..., "_self") (thanks al_9x)

v 2.6.8.30rc4
=========================================================================
x Improved icons consistence with cascading permissions
x Fixed 2.6.8.30rc1 regression: broken local file loads

v 2.6.8.30rc3
=========================================================================
x Make "[Temporarily] Allow all this page" affect only the top-level
document's origin when cascading permissions mode is enabled

v 2.6.8.30rc2
=========================================================================
x [Surrogate] Fixed regression about a small change in sandbox principal
management breaking some surrogates, including Google Analytics

v 2.6.8.30rc1
=========================================================================
x [CAPS] better compatibility with Firefox 30's restored checkloaduri
prefs hack
+ UI support for cascadePermissions and restrictSubdocScripting
+ "NoScript Options|Advanced|Trusted|Cascade top document's permissions
to 3rd party scripts" user-facing preference
+ "NoScript Options|Advanced|Untrusted|Block scripting in whitelisted
subdocuments of non-whitelisted pages" user-facing preference
+ Backported cascadePermissions and restrictSubdocScripting support to
ESR 24

Version 2.6.8.30rc4 525.7 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.30rc4
=========================================================================
x Improved icons consistency with cascading permissions
x Fixed 2.6.8.30rc1 regression: broken local file loads

v 2.6.8.30rc3
=========================================================================
x Make "[Temporarily] Allow all this page" affect only the top-level
document's origin when cascading permissions mode is enabled

v 2.6.8.30rc2
=========================================================================
x [Surrogate] Fixed regression about a small change in sandbox principal
management breaking some surrogates, including Google Analytics

v 2.6.8.30rc1
=========================================================================
x [CAPS] better compatibility with Firefox 30's restored checkloaduri
prefs hack
+ UI support for cascadePermissions and restrictSubdocScripting
+ "NoScript Options|Advanced|Trusted|Cascade top document's permissions
to 3rd party scripts" user-facing preference
+ "NoScript Options|Advanced|Untrusted|Block scripting in whitelisted
subdocuments of non-whitelisted pages" user-facing preference
+ Backported cascadePermissions and restrictSubdocScripting support to
ESR 24

Version 2.6.8.30rc3 525.6 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.30rc3
=========================================================================
x Make "[Temporarily] Allow all this page" affect only the top-level
document's origin when cascading permissions mode is enabled

v 2.6.8.30rc2
=========================================================================
x [Surrogate] Fixed regression about a small change in sandbox principal
management breaking some surrogates, including Google Analytics

v 2.6.8.30rc1
=========================================================================
x [CAPS] better compatibility with Firefox 30's restored checkloaduri
prefs hack
+ UI support for cascadePermissions and restrictSubdocScripting
+ "NoScript Options|Advanced|Trusted|Cascade top document's permissions
to 3rd party scripts" user-facing preference
+ "NoScript Options|Advanced|Untrusted|Block scripting in whitelisted
subdocuments of non-whitelisted pages" user-facing preference
+ Backported cascadePermissions and restrictSubdocScripting support to
ESR 24

Version 2.6.8.30rc2 525.5 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.30rc2
=========================================================================
x [Surrogate] Fixed regression about a small change in sandbox principal
management breaking some surrogates, including Google Analytics

v 2.6.8.30rc1
=========================================================================
x [CAPS] better compatibility with Firefox 30's restored checkloaduri
prefs hack
+ UI support for cascadePermissions and restrictSubdocScripting
+ "NoScript Options|Advanced|Trusted|Cascade top document's permissions
to 3rd party scripts" user-facing preference
+ "NoScript Options|Advanced|Untrusted|Block scripting in whitelisted
subdocuments of non-whitelisted pages" user-facing preference
+ Backported cascadePermissions and restrictSubdocScripting support to
ESR 24

Version 2.6.8.30rc1 525.6 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.30rc1
=========================================================================
x [CAPS] better compatibility with Firefox 30's restored checkloaduri
prefs hack
+ UI support for cascadePermissions and restrictSubdocScripting
+ "NoScript Options|Advanced|Trusted|Cascade top document's permissions
to 3rd party scripts" user-facing preference
+ "NoScript Options|Advanced|Untrusted|Block scripting in whitelisted
subdocuments of non-whitelisted pages" user-facing preference
+ Backported cascadePermissions and restrictSubdocScripting support to
ESR 24

Version 2.6.8.29rc1 523.9 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

Version 2.6.8.28rc1 521.0 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.28rc1
=========================================================================
x Fixed bookmarklet execution on non-whitelisted page causing scripts
to be globally allowed (thanks barbaz and therube for reporting)

Version 2.6.8.27rc3 521.0 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.27rc3
=========================================================================
x [Surrogate] Better trigger timing
x Work-around for bug 1005552 (backport to ESR)

v 2.6.8.27rc2
=========================================================================
+ [Surrogate] External script surrogates are now triggered whenever a
matching script fails to load, no matter the reason, e.g. NoScript
permissions, ABE, ABP or RequestPolicy (thanks bonanza for RFE)

Version 2.6.8.27rc2 520.9 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.27rc2
=========================================================================
+ [Surrogate] External script surrogates are now triggered whenever a
matching script fails to load, no matter the reason, e.g. NoScript
permissions, ABE, ABP or RequestPolicy (thanks bonanza for RFE)

Version 2.6.8.27rc1 521.2 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.27rc1
=========================================================================
x [XSS] Worked around OpenID-related false positive (thanks Gunnar for
reporting)
x [XSS] Better work around for false positive in gmx.com new webmail,
designed to work across all its implementations

Version 2.6.8.26rc1 520.8 KiB Works with Firefox 3.0.9 - 33.0, SeaMonkey 2.0 - 2.30

v 2.6.8.26rc1
=========================================================================
x [XSS] gmx.com false positive work-around extended to international
domains (thanks dood_97 for reporting)
x [XSS] gmx.com false positive work-around extended to mail.com (thanks
boris for reporting)
+ noscript.cascadePermissions preliminary backend implementation
+ noscript.restrictSubdocScripting preliminary backend implementation