NoScript Security Suite Version History

666 versions

Be careful with old versions!

These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.

Version 2.6.4.2rc3 520.5 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.4.2rc3
=========================================================================
x Fixed forced HTTPS breaks redirects on Firefox >= 18 (thanks mjh563 for
reporting)
x Work-around for Gecko calling nsIContentPolicy::shouldProcess() with
null location for Flash objects sometimes (thanks al_9x for report)

v 2.6.4.2rc2
=========================================================================
x Fixed broken early HTTP observer on Firefox >= 18 (thanks aloishammer
for reporting)

v 2.6.4.2rc1
=========================================================================
x Fixed anti-popunder surrogate breaking BFCache (thanks whatever for
reporting)

Version 2.6.4.2rc2 520.5 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.4.2rc2
=========================================================================
x Fixed broken early HTTP observer on Firefox >= 18 (thanks aloishammer
for reporting)

v 2.6.4.2rc1
=========================================================================
x Fixed anti-popunder surrogate breaking BFCache (thanks whatever for
reporting)

Version 2.6.4.2rc1 520.6 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.4.2rc1
=========================================================================
x Fixed anti-popunder surrogate breaking BFCache (thanks whatever for
reporting)

Version 2.6.4.1rc1 520.5 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.4.1rc1
=========================================================================
x Fixed new placeholder close button being hidden on some Youtube pages

Version 2.6.4rc2 520.4 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.4rc2
=========================================================================
x [XSS] Improved compatibility with Twitter's cross-site requests
+ Close button on embedding placeholder (like using shift+click on the
placeholder itself). Shift clicking the close button bypasses it.
x Fixed placeholders intercepting clicks from overlayed elements (thanks
al_9x)

v 2.6.4rc1
=========================================================================
x Fixed unbound embed enablement confirmation dialog size (thanks therube
for reporting)

Version 2.6.4rc1 518.5 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.4rc1
=========================================================================
x Fixed unbound embed enablement confirmation dialog size (thanks therube
for reporting)

Version 2.6.3rc4 518.4 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.3rc4
=========================================================================
x [XSS] Further tweaks to reduce false positives (thanks Edward C. Kim
for reporting)

v 2.6.3rc3
=========================================================================
x [XSS] The "maybe JS" step now removes leading parens, reducing false
positives e.g. on Picasa (thanks jerriy for reporting)

v 2.6.3rc2
=========================================================================
x [Surrogate] Work-around for anti-popunder surrogate causing Ebay to
recreate phantom cookies on page unload (thanks mjh563 for reporting)

v 2.6.3rc1
=========================================================================
x Work-around for some extensions (e.g. Adblock Plus, Tab Mix Plus)
breaking bookmarlets and URL bar Javascript support after being updated
for Firefox 17
x Removed some console noise
+ [Surrogate] Updated adf.ly surrogate to work with new links

Version 2.6.3rc3 518.3 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.3rc3
=========================================================================
x [XSS] The "maybe JS" step now removes leading parens, reducing false
positives e.g. on Picasa (thanks jerriy for reporting)

v 2.6.3rc2
=========================================================================
x [Surrogate] Work-around for anti-popunder surrogate causing Ebay to
recreate phantom cookies on page unload (thanks mjh563 for reporting)

v 2.6.3rc1
=========================================================================
x Work-around for some extensions (e.g. Adblock Plus, Tab Mix Plus)
breaking bookmarklets and URL bar Javascript support after being updated
for Firefox 17
x Removed some console noise
+ [Surrogate] Updated adf.ly surrogate to work with new links

Version 2.6.3rc2 518.3 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.3rc2
=========================================================================
x [Surrogate] Work-around for anti-popunder surrogate causing Ebay to
recreate phantom cookies on page unload (thanks mjh563 for reporting)

v 2.6.3rc1
=========================================================================
x Work-around for some extensions (e.g. Adblock Plus, Tab Mix Plus)
breaking bookmarklets and URL bar Javascript support after being updated
for Firefox 17
x Removed some console noise
+ [Surrogate] Updated adf.ly surrogate to work with new links

Version 2.6.3rc1 518.4 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

Version 2.6.2rc2 518.2 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.2rc2
=========================================================================
x Fixed Google links anonymizer surrogate interfering with the "Search
tools" button (thanks Sledge Fox and Brian Admire for reporting)

v 2.6.2rc1
=========================================================================
x Fixed impossible to copy lines from Console² if opened by NoScript
(thanks therube for reporting and Phil Chee for suggestion)
x [XSS] Exception for wpcomwidgets.com safe inclusions
x Slightly reduced About box width (thanks GµårÐïåñ for RFE)

Version 2.6.2rc1 518.1 KiB Works with Firefox 3.0.9 - 20.0a1, SeaMonkey 2.0 - 2.17a1

v 2.6.2rc1
=========================================================================
x Fixed impossible to copy lines from Console² if opened by NoScript
(thanks therube for reporting and Phil Chee for suggestion)
x [XSS] Exception for wpcomwidgets.com safe inclusions
x Slightly reduced About box width (thanks GµårÐïåñ for RFE)

Version 2.6.1rc3 518.2 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.16a1

v 2.6.1rc3
=========================================================================
x [XSS] Better compatibility with Ebay's saved searches

v 2.6.1rc2
=========================================================================
+ [Surrogate] Imagebax.com scriptless ads skipping redirection
x Fixed first non-cached page load in a session from about:newtab failing
- Removed legacy XUL script blocking code
+ Added optional diagnostic to centralized channel aborting

v 2.6.1rc1
=========================================================================
x Fixed bug in Java URLs resolution

Version 2.6.1rc2 517.9 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.16a1

v 2.6.1rc2
=========================================================================
+ [Surrogate] Imagebax.com scriptless ads skipping redirection
x Fixed first non-cached page load in a session from about:newtab failing
- Removed legacy XUL script blocking code
+ Added optional diagnostic to centralized channel aborting

v 2.6.1rc1
=========================================================================
x Fixed bug in Java URLs resolution

Version 2.6.1rc1 517.8 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.6.1rc1
=========================================================================
x Fixed bug in Java URLs resolution

Version 2.6rc3 517.9 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.6rc3
=========================================================================
x Improved long URL wrapping for more manageable plugin placeholder
tooltips
x Fixed ABE notifications bleeding out of the viewport when very long
URLs are involved

v 2.6rc2
=========================================================================
+ [Surrogate] More efficient deferred script loading and syntax check,
saves memory and startup time from unused surrogates
+ [Surrogate] Picbucks.com scriptless ads skipping redirection
+ [Surrogate] Imagebunk.com scriptless image revealing
+ [Surrogate] Picsee.net scriptless image revealing

v 2.6rc1
=========================================================================
+ Added navigator.doNotTrack property support

Version 2.6rc2 518.1 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.6rc2
=========================================================================
+ [Surrogate] More efficient deferred script loading and syntax check,
saves memory and startup time from unused surrogates
+ [Surrogate] Picbucks.com scriptless ads skipping redirection
+ [Surrogate] Imagebunk.com scriptless image revealing
+ [Surrogate] Picsee.net scriptless image revealing

v 2.6rc1
=========================================================================
+ Added navigator.doNotTrack property support

Version 2.6rc1 517.8 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.6rc1
=========================================================================
+ Added navigator.doNotTrack property support

Version 2.5.9rc3 517.8 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.5.9rc3
=========================================================================
+ Added afx.ms and gfx.ms (fully controlled by Microsoft, no user content
allowed) to the default whitelist (required by MS mail services)
+ [XSS] Removed false positive on some Google Gadgets; the work-around
can be disabled by setting the noscript.filterXExceptions.ggadgets
about:config preference to false (thanks Silvana for reporting)

v 2.5.9rc2
=========================================================================
+ Added new fake mimetype placeholder "FRAME" to match FRAMEs and IFRAMES
with the noscript.allowedMimeRegExp preference
+ Made mimetype whitelisting through the noscript.allowedMimeRegExp
preference work with FRAMEs and IFRAMEs as well
x Fixed redirections involving sites marked as untrusted causing
inconsistencies in page permissions, with JavaScript being blocked even
if the site is whitelisted (thanks al_9x for reporting)

v 2.5.9rc1
=========================================================================
x Fixed regression on older Gecko versions causing NoScript to believe
the browser is proxied when it's not

Version 2.5.9rc2 517.5 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.5.9rc2
=========================================================================
+ Added new fake mimetype placeholder "FRAME" to match FRAMEs and IFRAMES
with the noscript.allowedMimeRegExp preference
+ Made mimetype whitelisting through the noscript.allowedMimeRegExp
preference work with FRAMEs and IFRAMEs as well
x Fixed redirections involving sites marked as untrusted causing
inconsistencies in page permissions, with JavaScript being blocked even
if the site is whitelisted (thanks al_9x for reporting)

v 2.5.9rc1
=========================================================================
x Fixed regression on older Gecko versions causing NoScript to believe
the browser is proxied when it's not

Version 2.5.9rc1 517.4 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.5.9rc1
=========================================================================
x Fixed regression on older Gecko versions causing NoScript to believe
the browser is proxied when it's not

Version 2.5.8rc2 517.3 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.5.8rc2
=========================================================================
x Work-around for unique origins being assigned to URL bar loads by Gecko
16 and above interfering with some ABE rules
x Work-around for bug 797684 patch causing ABE's Sandbox action to fail

v 2.5.8rc1
=========================================================================
x Work-around for regression from Mozilla bug 797684 fix causing frames
not to be blocked correctly in recent >= 18 builds
x Slightly revised About box to make more room for contributors

Version 2.5.8rc1 517.1 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.5.8rc1
=========================================================================
x Work-around for regression from Mozilla bug 797684 fix causing frames
not to be blocked correctly in recent >= 18 builds
x Slightly revised About box to make more room for contributors

Version 2.5.7rc5 517.0 KiB Works with Firefox 3.0.9 - 19.0a1, SeaMonkey 2.0 - 2.15.*

v 2.5.7rc5
=========================================================================
x Fixed synchronous timeout emulation ordering bug in bookmarklet
execution on scriptless pages (thanks Infocatcher for reporting)

v 2.5.7rc4
=========================================================================
x [XSS] Fixed comment preprocessing optimization affecting free
JavaScript detection, thanks Masato Kinugawa for reporting
x [XSS] Fixed second order data: URLs sanitization issue, thanks Masato
Kinugawa for reporting

v 2.5.7rc3
=========================================================================
x Fixed meta refresh blocker notification bar broken on Gecko < 4 (thanks
nitou for reporting)
x Fixed iframe placeholder positioning issue (thanks al_9x for report)

v 2.5.7rc2
=========================================================================
x Fixed regression in placeholder positioning (thanks al_9x for report)

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.7rc4 517.1 KiB Works with Firefox 3.0.9 - 18.0a1, SeaMonkey 2.0 - 2.15a1

v 2.5.7rc4
=========================================================================
x [XSS] Fixed comment preprocessing optimization affecting free
JavaScript detection, thanks Masato Kinugawa for reporting
x [XSS] Fixed second order data: URLs sanitization issue, thanks Masato
Kinugawa for reporting

v 2.5.7rc3
=========================================================================
x Fixed meta refresh blocker notification bar broken on Gecko < 4 (thanks
nitou for reporting)
x Fixed iframe placeholder positioning issue (thanks al_9x for report)

v 2.5.7rc2
=========================================================================
x Fixed regression in placeholder positioning (thanks al_9x for report)

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.7rc1 517.0 KiB Works with Firefox 3.0.9 - 18.0a1, SeaMonkey 2.0 - 2.15a1

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.7rc3 517.1 KiB Works with Firefox 3.0.9 - 18.0a1, SeaMonkey 2.0 - 2.15a1

v 2.5.7rc3
=========================================================================
x Fixed meta refresh blocker notification bar broken on Gecko < 4 (thanks
nitou for reporting)
x Fixed iframe placeholder positioning issue (thanks al_9x for report)

v 2.5.7rc2
=========================================================================
x Fixed regression in placeholder positioning (thanks al_9x for report)

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.7rc2 517.0 KiB Works with Firefox 3.0.9 - 18.0a1, SeaMonkey 2.0 - 2.15a1

v 2.5.7rc2
=========================================================================
x Fixed regression in placeholder positioning (thanks al_9x for report)

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.6rc2 517.1 KiB Works with Firefox 3.0.9 - 18.0a1, SeaMonkey 2.0 - 2.15a1

v 2.5.6rc2
=========================================================================
+ [XSS] Fixed slow regular expression causing some base64 request
payloads to trigger false positives (thanks Mirko Tasler for reporting)

v 2.5.6rc1
=========================================================================
+ Force placeholders to frontmost position e.g. on HTML 5 Youtube content
+ New icon for blocked embeddings on globally allowed pages (thanks
therube for RFE)

Version 2.5.6rc1 517.0 KiB Works with Firefox 3.0.9 - 18.0a1, SeaMonkey 2.0 - 2.15a1

v 2.5.6rc1
=========================================================================
+ Force placeholders to frontmost position e.g. on HTML 5 Youtube content
+ New icon for blocked embeddings on globally allowed pages (thanks
therube for RFE)