AMO is getting a new look. Would you like to see it?

Visit the new site

Close

NoScript Security Suite Version History

689 versions

Be careful with old versions!

These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.

Version 2.6.9.6rc1 530.7 KiB Works with Firefox 3.0.9 - 37.0, SeaMonkey 2.0 - 2.34

v 2.6.9.6rc1
=============================================================
x Fixed subdocuments of a [System Principal] page not being
allowed when they should in cascade permission modes (
thanks hjkl for reporting)

Version 2.6.9.5rc3 530.7 KiB Works with Firefox 3.0.9 - 37.0, SeaMonkey 2.0 - 2.34

v 2.6.9.5rc3
=============================================================
x Fixed memory leak when a top-level browser window is closed
(thanks cks for reporting)
x [XSS] compatibility tweak for swisspost.ch
x Miscellaneous HTTPS URLs lockdown

v 2.6.9.5rc2
=============================================================
+ Support for full-encrypted https://noscript.net
x Updated Twitter surrogate (thanks ozjuggler and barbaz)
x Work-around for thumbnail generation protection being
broken by some add-ons
x Fully disable background processed thumbnail generation
unless noscript.bgThumbs.allowed about:config preference
is set to true
x Control JavaScript enabled in background thumbail
generation through the noscript.bgThumbs.disableJS
about:config preference

v 2.6.9.5rc1
=============================================================
+ Forcing remote browsers used for thumbnail generation to
disable JavaScript (thanks vpoint for reporting)
+ [Surrogate] Invodo dummy replacement (thanks barbaz)

Version 2.6.9.5rc2 530.7 KiB Works with Firefox 3.0.9 - 37.0, SeaMonkey 2.0 - 2.34

v 2.6.9.5rc2
=============================================================
+ Support for full-encrypted https://noscript.net
x Updated Twitter surrogate (thanks ozjuggler and barbaz)
x Work-around for thumbnail generation protection being
broken by some add-ons
x Fully disable background processed thumbnail generation
unless noscript.bgThumbs.allowed about:config preference
is set to true
x Control JavaScript enabled in background thumbail
generation through the noscript.bgThumbs.disableJS
about:config preference

v 2.6.9.5rc1
=============================================================
+ Forcing remote browsers used for thumbnail generation to
disable JavaScript (thanks vpoint for reporting)
+ [Surrogate] Invodo dummy replacement (thanks barbaz)

Version 2.6.9.5rc1 530.5 KiB Works with Firefox 3.0.9 - 37.0, SeaMonkey 2.0 - 2.34

v 2.6.9.5rc1
=============================================================
+ Forcing remote browsers used for thumbnail generation to
disable JavaScript (thanks vpoint for reporting)
+ [Surrogate] Invodo dummy replacement (thanks barbaz)

Version 2.6.9.4rc1 530.2 KiB Works with Firefox 3.0.9 - 37.0, SeaMonkey 2.0 - 2.34

v 2.6.9.4rc1
=============================================================
+ Added vimeocdn.com as a vimeo.com dependency if already
withlisted
+ [Surrogate] Enabling imgserve.com age verification button
even if JavaScript is disabled
x Fixed IP6 to IP4 mapping bug (thanks stack / inventati)

Version 2.6.9.3rc3 530.2 KiB Works with Firefox 3.0.9 - 36.0, SeaMonkey 2.0 - 2.33

v 2.6.9.3rc3
=============================================================
x More accurate referrer checks for some edge cases (thanks
AlbertMTom for reporting)
x Fixed regression in LOCAL IP matching for 192.168.0.0/16
(thanks barbaz for reporting)

v 2.6.9.3rc2
=============================================================
x [ABE] More restrictive local IP checks (thanks AlbertMTom
for reporting)
+ More permissive AddressMatcher IP parser

v 2.6.9.3rc1
=============================================================
+ [XSS] Improved sensitivity (thanks Masato Kinugawa)

Version 2.6.9.3rc2 530.2 KiB Works with Firefox 3.0.9 - 36.0, SeaMonkey 2.0 - 2.33

v 2.6.9.3rc2
=============================================================
x [ABE] More restrictive local IP checks (thanks AlbertMTom
for reporting)
+ More permissive AddressMatcher IP parser

v 2.6.9.3rc1
=============================================================
+ [XSS] Improved sensitivity (thanks Masato Kinugawa)

Version 2.6.9.3rc1 530.1 KiB Works with Firefox 3.0.9 - 36.0, SeaMonkey 2.0 - 2.33

v 2.6.9.3rc1
=============================================================
+ [XSS] Improved sensitivity (thanks Masato Kinugawa)

Version 2.6.9.2rc3 530.0 KiB Works with Firefox 3.0.9 - 36.0, SeaMonkey 2.0 - 2.33

v 2.6.9.2rc3
=============================================================
+ [XSS] Improved sensitivity (thanks Masato Kinugawa)

v 2.6.9.2rc2
=============================================================
+ [XSS] Improved sensitivity (thanks Masato Kinugawa)

v 2.6.9.2rc1
=============================================================
+ [XSS] Improved sensitivity (thanks Masato Kinugawa)

Version 2.6.9.2rc2 530.1 KiB Works with Firefox 3.0.9 - 36.0, SeaMonkey 2.0 - 2.32

v 2.6.9.2rc2
=============================================================
+ [XSS] Improved sensitivity (thanks Masato Kinugawa)

v 2.6.9.2rc1
=============================================================
+ [XSS] Improved sensitivity (thanks Masato Kinugawa)

Version 2.6.9.2rc1 530.0 KiB Works with Firefox 3.0.9 - 36.0, SeaMonkey 2.0 - 2.32

v 2.6.9.2rc1
=============================================================
+ [XSS] Improved sensitivity (thanks Masato Kinugawa)

Version 2.6.9.1rc2 530.0 KiB Works with Firefox 3.0.9 - 36.0, SeaMonkey 2.0 - 2.32

v 2.6.9.1rc2
=============================================================
+ [XSS] Improved focus-based exfiltration protection

v 2.6.9.1rc1
=============================================================
+ [XSS] focus-based exfiltration protection (thanks Masato
Kinugawa for reporting)
x [XSS] Fixed false positive in risky operators detection
(thanks Roman Vock for reporting)

Version 2.6.9.1rc1 530.0 KiB Works with Firefox 3.0.9 - 36.0, SeaMonkey 2.0 - 2.32

v 2.6.9.1rc1
=============================================================
+ [XSS] focus-based exfiltration protection (thanks Masato
Kinugawa for reporting)
x [XSS] Fixed false positive in risky operators detection
(thanks Roman Vock for reporting)

Version 2.6.9rc4 530.0 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.9rc4
=============================================================
+ [XSS] Fixed bug in location-based exfiltration protection
(thanks Masato Kinugawa for reporting)

v 2.6.9rc3
=============================================================
+ [XSS] Improved location-based exfiltration protection
(thanks Masato Kinugawa for reporting)

v 2.6.9rc2
=============================================================
+ [Surrogate] login.person.org inclusion (thanks barbaz)
x [XSS] Fixed 2.6.8.43 regressions
x [XSS] Improved specificity for eval-like patterns

v 2.6.9rc1
=============================================================
+ Switched to a treeview for faster management of very long
whitelists (thanks barbaz for patch)
x Tentative work-around for potential performance problems
reportedly related to Australis support
x [XSS] Fixed 2.6.8.43 regressions

Version 2.6.9rc3 529.9 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.9rc3
=============================================================
+ [XSS] Improved location-based exfiltration protection
(thanks Masato Kinugawa for reporting)

Version 2.6.9rc2 529.9 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.9rc2
=============================================================
+ [Surrogate] login.person.org inclusion (thanks barbaz)
x [XSS] Fixed 2.6.8.43 regressions
x [XSS] Improved specificity for eval-like patterns

v 2.6.9rc1
=============================================================
+ Switched to a treeview for faster management of very long
whitelists (thanks barbaz for patch)
x Tentative work-around for potential performance problems
reportedly related to Australis support
x [XSS] Fixed 2.6.8.43 regressions

Version 2.6.9rc1 531.5 KiB Works with Firefox 3.0.9 - 36.0, SeaMonkey 2.0 - 2.33

v 2.6.9rc1
=============================================================
+ Switched to a treeview for faster management of very long
whitelists (thanks barbaz for patch)
x Tentative work-around for potential performance problems
reportedly related to Australis support
x [XSS] Fixed 2.6.8.43 regressions

Version 2.6.8.43rc2 528.5 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.43rc2
=============================================================
x [XSS] Fixed rc1 regression (thanks Masato Kinugawa for
reporting)

v 2.6.8.43rc1
=============================================================
x [XSS] Protection against some exfiltration attacks based on
arithmetic operators (thanks Masato Kinugawa and File
Descriptor AKA XSS Jigsaw for reporting)

Version 2.6.8.43rc1 528.4 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.43rc1
=============================================================
x [XSS] Protection against some exfiltration attacks based on
arithmetic operators (thanks Masato Kinugawa and File
Descriptor AKA XSS Jigsaw for reporting)

Version 2.6.8.42rc3 528.3 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.42rc3
=============================================================
+ User-facing "Reload the current tab only" option
x [XSS] Improved window.name exfiltration protection
(thanks Masato Kinugava for reporting)

v 2.6.8.42rc2
=============================================================
x Fixed subtle bug in ScriptSurrogate.replaceScript()
x Fixed HTTPS and cascading permission policies not applying
to XHR and XBL checks
x [XSS] Fixed ES6-based bypasses (thanks Masato Kinugava for
reporting)
+ [XSS] window.name exfiltration protection (thanks Masato
Kinugava for reporting)

v 2.6.8.42rc1
=============================================================
x Fixed script sources enumeration breakage in Firefox 35
(Moz Bug 1068508, thanks Octoploid for reporting)

Version 2.6.8.42rc2 528.1 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.42rc2
=============================================================
x Fixed subtle bug in ScriptSurrogate.replaceScript()
x Fixed HTTPS and cascading permission policies not applying
to XHR and XBL checks
x [XSS] Fixed ES6-based bypasses (thanks Masato Kinugava for
reporting)
+ [XSS] window.name exfiltration protection (thanks Masato
Kinugava for reporting)

v 2.6.8.42rc1
=============================================================
x Fixed script sources enumeration breakage in Firefox 35
(Moz Bug 1068508, thanks Octoploid for reporting)

Version 2.6.8.42rc1 527.8 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.42rc1
=============================================================
x Fixed script sources enumeration breakage in Firefox 35
(Moz Bug 1068508, thanks Octoploid for reporting)

Version 2.6.8.41rc3 527.8 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.41rc3
=============================================================
x Improved Australis toolbar compatibility (thanks Quicksaver
for help)

v 2.6.8.41rc2
=============================================================
x Added "Always ask" checkbox to the removal confirmation
dialog (thanks agaxwtmp for RFE)
x Fixed Options dialog broken on ancient Firefox versions

v 2.6.8.41rc1
=============================================================
x Improved Australis toolbar compatibility (thanks Quicksaver
for patch)
x [XSS] Fixed false positive within *.adxns.com

Version 2.6.8.41rc2 527.7 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.41rc2
=============================================================
x Added "Always ask" checkbox to the removal confirmation
dialog (thanks agaxwtmp for RFE)
x Fixed Options dialog broken on ancient Firefox versions

v 2.6.8.41rc1
=============================================================
x Improved Australis toolbar compatibility (thanks Quicksaver
for patch)
x [XSS] Fixed false positive within *.adxns.com

Version 2.6.8.41rc1 527.7 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.41rc1
=============================================================
x Improved Australis toolbar compatibility (thanks Quicksaver
for patch)
x [XSS] Fixed false positive within *.adxns.com

Version 2.6.8.40rc2 529.0 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.40rc2
=========================================================================
x Fixed regression causing script inclusions with non-standard ports to
be always blocked

v 2.6.8.40rc1
=========================================================================
x [ABE] Improved ruleset editing UI (thanks barbaz for patch)

Version 2.6.8.40rc1 528.9 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.40rc1
=========================================================================
x [ABE] Improved ruleset editing UI (thanks barbaz for patch)

Version 2.6.8.39rc2 527.2 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.39rc2
=========================================================================
x [Surrogate] Removed DARLA surrogate and reimplemented its work-around
as a XSS filter exception
x [Bookmarklets] Fixed bookmarklets broken when JavaScript is enabled
(thanks therube for reporting)

v 2.6.8.39rc1
=========================================================================
x [Surrogate] Work-around for DARLA surrogate breaking Yahoo! Mail

Version 2.6.8.39rc1 527.3 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.39rc1
=========================================================================
x [Surrogate] Work-around for DARLA surrogate breaking Yahoo! Mail

Version 2.6.8.38rc2 527.0 KiB Works with Firefox 3.0.9 - 35.0, SeaMonkey 2.0 - 2.32

v 2.6.8.38rc2
=========================================================================
x Fixed regression preventing Youtube movies from playing

v 2.6.8.38rc1
=========================================================================
x Completed work-around for Firefox's Bug 1044351
x [Surrogate] Improved Yahoo! DARLA source matching