Historique de version de NoScript

927 versions

Méfiez-vous des anciennes versions !

Ces versions sont affichées pour informations et à titre d'essais. Vous devriez toujours utiliser la dernière version d'un module.

Version 2.5.8rc2 529.7 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.8rc2
=========================================================================
x Work-around for unique origins being assigned to URL bar loads by Gecko
16 and above interfering with some ABE rules
x Work-around for bug 797684 patch causing ABE's Sandbox action to fail

v 2.5.8rc1
=========================================================================
x Work-around for regression from Mozilla bug 797684 fix causing frames
not to be blocked correctly in recent >= 18 builds
x Slightly revised About box to make more room for contributors

Version 2.5.8rc1 529.5 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.8rc1
=========================================================================
x Work-around for regression from Mozilla bug 797684 fix causing frames
not to be blocked correctly in recent >= 18 builds
x Slightly revised About box to make more room for contributors

Version 2.5.7.1-signed 529.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.7
=========================================================================
x Fixed synchronous timeout emulation ordering bug in bookmarklet
execution on scriptless pages (thanks Infocatcher for reporting)
x [XSS] Fixed comment preprocessing optimization affecting free
JavaScript detection, thanks Masato Kinugawa for reporting
x [XSS] Fixed second order data: URLs sanitization issue, thanks Masato
Kinugawa for reporting
x Fixed meta refresh blocker notification bar broken on Gecko < 4 (thanks
nitou for reporting)
x Fixed iframe placeholder positioning issue (thanks al_9x for report)
x Fixed regression in placeholder positioning (thanks al_9x for report)
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.7rc5 529.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.7rc5
=========================================================================
x Fixed synchronous timeout emulation ordering bug in bookmarklet
execution on scriptless pages (thanks Infocatcher for reporting)

v 2.5.7rc4
=========================================================================
x [XSS] Fixed comment preprocessing optimization affecting free
JavaScript detection, thanks Masato Kinugawa for reporting
x [XSS] Fixed second order data: URLs sanitization issue, thanks Masato
Kinugawa for reporting

v 2.5.7rc3
=========================================================================
x Fixed meta refresh blocker notification bar broken on Gecko < 4 (thanks
nitou for reporting)
x Fixed iframe placeholder positioning issue (thanks al_9x for report)

v 2.5.7rc2
=========================================================================
x Fixed regression in placeholder positioning (thanks al_9x for report)

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.7rc4 529.5 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.7rc4
=========================================================================
x [XSS] Fixed comment preprocessing optimization affecting free
JavaScript detection, thanks Masato Kinugawa for reporting
x [XSS] Fixed second order data: URLs sanitization issue, thanks Masato
Kinugawa for reporting

v 2.5.7rc3
=========================================================================
x Fixed meta refresh blocker notification bar broken on Gecko < 4 (thanks
nitou for reporting)
x Fixed iframe placeholder positioning issue (thanks al_9x for report)

v 2.5.7rc2
=========================================================================
x Fixed regression in placeholder positioning (thanks al_9x for report)

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.7rc1 529.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.7rc3 529.5 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.7rc3
=========================================================================
x Fixed meta refresh blocker notification bar broken on Gecko < 4 (thanks
nitou for reporting)
x Fixed iframe placeholder positioning issue (thanks al_9x for report)

v 2.5.7rc2
=========================================================================
x Fixed regression in placeholder positioning (thanks al_9x for report)

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.7rc2 529.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.7rc2
=========================================================================
x Fixed regression in placeholder positioning (thanks al_9x for report)

v 2.5.7rc1
=========================================================================
x [ClearClick] Fixed false positive on cross-site SVG document embeddings
(thanks Steffen for reporting)

Version 2.5.6.1-signed 529.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.6
=========================================================================
x [XSS] Fixed slow regular expression causing some base64 request
payloads to trigger false positives (thanks Mirko Tasler for reporting)
+ Force placeholders to frontmost position e.g. on HTML 5 Youtube content
+ New icon for blocked embeddings on globally allowed pages (thanks
therube for RFE)

Version 2.5.6rc2 529.6 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.6rc2
=========================================================================
+ [XSS] Fixed slow regular expression causing some base64 request
payloads to trigger false positives (thanks Mirko Tasler for reporting)

v 2.5.6rc1
=========================================================================
+ Force placeholders to frontmost position e.g. on HTML 5 Youtube content
+ New icon for blocked embeddings on globally allowed pages (thanks
therube for RFE)

Version 2.5.6rc1 529.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.6rc1
=========================================================================
+ Force placeholders to frontmost position e.g. on HTML 5 Youtube content
+ New icon for blocked embeddings on globally allowed pages (thanks
therube for RFE)

Version 2.5.5.1-signed 527.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.5
=========================================================================
+ More reliable Java applet origin identification
x Cross-browser work-around for
https://bugzilla.mozilla.org/show_bug.cgi?id=789773

Version 2.5.5rc2 527.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.5rc2
=========================================================================
x Cross-browser work-around for
https://bugzilla.mozilla.org/show_bug.cgi?id=789773

v 2.5.5rc1
=========================================================================
+ More reliable Java applet origin identification
x Work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=789773

Version 2.5.5rc1 527.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.5rc1
=========================================================================
+ More reliable Java applet origin identification
x Work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=789773

Version 2.5.4.1-signed 527.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.4
=========================================================================
x Fixed HTTP checks not being skipped anymore for some chrome-generated
XMLHttpRequest requests because of a Gecko 15 change
x Work-around for cloned DOM nodes not retaining additional
chrome-attached information anymore, thus breaking placeholders in some
cases (thanks al_9x for reporting)
x Fixed placeholder post-enablement event channeling broken by Sandbox
changes
x Fixed placeholder sizes messed up by changes in Gecko 17
x Work-around for broken content policy call for Java plugin on Gecko 17
and above (thanks marty60 for reporting)

Version 2.5.4rc3 527.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.4rc3
=========================================================================
x Fixed HTTP checks not being skipped anymore for some chrome-generated
XMLHttpRequest requests because of a Gecko 15 change
x Work-around for cloned DOM nodes not retaining additional
chrome-attached information anymore, thus breaking placeholders in some
cases (thanks al_9x for reporting)
x Fixed placeholder post-enablement event channeling broken by Sandbox
changes

v 2.5.4rc2
=========================================================================
x Fixed meta-refresh emulation regression in Gecko 16 and below

v 2.5.4rc1
=========================================================================
x Fixed placeholder sizes messed up by changes in Gecko 17
x Work-around for broken content policy call for Java plugin on Gecko 17
and above (thanks marty60 for reporting)

Version 2.5.4rc2 527.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.4rc2
=========================================================================
x Fixed meta-refresh emulation regression in Gecko 16 and below

v 2.5.4rc1
=========================================================================
x Fixed placeholder sizes messed up by changes in Gecko 17
x Work-around for broken content policy call for Java plugin on Gecko 17
and above (thanks marty60 for reporting)

Version 2.5.4rc1 527.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.4rc1
=========================================================================
x Fixed placeholder sizes messed up by changes in Gecko 17
x Work-around for broken content policy call for Java plugin on Gecko 17
and above (thanks marty60 for reporting)

Version 2.5.3.1-signed 526.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.3
=========================================================================
x [XSS] Fixed false positives on URLs containing an ASP.NET cookieless
session identifier (thanks Trupti Chaudhari for reporting)
+ noscript.eraseFloatingElements about:config preference to switch the
mousedown + del key floating popup erasing feature off and on
x Limited the mousedown + del key floating popup erasing feature to pages
where scripts are forbidden and to absolute or fixed position elements
x Fixed JavaScript URL non-void expression evaluation in the URL bar
causing scripts to get globally allowed (thanks al_9x for reporting)
x [XSS] Work-around for a Gecko URL parsing quirk (thanks .mario for
reporting)

Version 2.5.3rc4 527.4 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.3rc4
=========================================================================
x Fixed false positives on URL containing an ASP.NET cookieless session
identifier (thanks Trupti Chaudhari for reporting)

v 2.5.3rc3
=========================================================================
+ noscript.eraseFloatingElements about:config preference to switch the
mousedown + del key floating popup erasing feature off and on
x Limited the mousedown + del key floating popup erasing feature to pages
where scripts are forbidden and to absolute or fixed position elements

v 2.5.3rc2
=========================================================================
x Fixed JavaScript URL non-void expression evaluation in the URL bar
causing scripts to get globally allowed (thanks al_9x for reporting)

v 2.5.3rc1
=========================================================================
x [XSS] Work-around for a Gecko URL parsing quirk (thanks .mario for
reporting)

Version 2.5.3rc3 526.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.3rc3
=========================================================================
+ noscript.eraseFloatingElements about:config preference to switch the
mousedown + del key floating popup erasing feature off and on
x Limited the mousedown + del key floating popup erasing feature to pages
where scripts are forbidden and to absolute or fixed position elements

v 2.5.3rc2
=========================================================================
x Fixed JavaScript URL non-void expression evaluation in the URL bar
causing scripts to get globally allowed (thanks al_9x for reporting)

v 2.5.3rc1
=========================================================================
x [XSS] Work-around for a Gecko URL parsing quirk (thanks .mario for
reporting)

Version 2.5.3rc2 526.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.3rc2
=========================================================================
x Fixed JavaScript URL non-void expression evaluation in the URL bar
causing scripts to get globally allowed (thanks al_9x for reporting)

v 2.5.3rc1
=========================================================================
x [XSS] Work-around for a Gecko URL parsing quirk (thanks .mario for
reporting)

Version 2.5.3rc1 526.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

Version 2.5.2.1-signed 526.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.2
=========================================================================
x [ClearClick] Improved protection against clickjacking timing attacks
(thanks Nafeez Ahmed for reporting)
x Fine tuned floating div (in-page popup) removal by locking it to the
nearest positioned ancestor and swallowing the mouseup event if the
DEL key has been hit after last mousedown

Version 2.5.2rc2 526.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.2rc2
=========================================================================
x [ClearClick] Improved protection against clickjacking timing attacks
(thanks Nafeez Ahmed for reporting)

v 2.5.2rc1
=========================================================================
x Fine tuned floating div (in-page popup) removal by locking it to the
nearest positioned ancestor and swallowing the mouseup event if the
DEL key has been hit after last mousedown

Version 2.5.2rc1 526.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.2rc1
=========================================================================
x Fine tuned floating div (in-page popup) removal by locking it to the
nearest positioned ancestor and swallowing the mouseup event if the
DEL key has been hit after last mousedown

Version 2.5.1.1-signed 526.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

+ Holding the left mouse button down on a page element and hitting the
DEL key will remove it (useful to forcibly kill in-page popups when
scripts are disabled)
x Fixed Acid3 test scoring 99 instead of 100 because of a Cursorjacking
protection implementation detail
- Disabled LiveConnect interception on Gecko 16 or better, since Java
globals have been removed from the DOM
x [XSS] Work-around for Mozilla TBPL DOS (thanks Daniel Holbert for
reporting)
x Fixed Silverlight and Flash scripted initialization patches being
broken by recent JavaScript interpreter changes
x Work-around for hp-ww.com misconfiguration (JavaScript files served
with bogus content-type header)

Version 2.5.1rc2 526.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.1rc2
=========================================================================
+ Holding the left mouse button down on a page element and hitting the
DEL key will remove it (useful to forcibly kill in-page popups when
scripts are disabled)
x Fixed Acid3 test scoring 99 instead of 100 because of a Cursorjacking
protection implementation detail
- Disabled LiveConnect interception on Gecko 16 or better, since Java
globals have been removed from the DOM
x [XSS] Work-around for Mozilla TBPL DOS (thanks Daniel Holbert for
reporting)
x Fixed Silverlight and Flash scripted initialization patches being
broken by recent JavaScript interpreter changes

Version 2.5.1rc1 525.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5.1rc1
=========================================================================
x Work-around for hp-ww.com misconfiguration (JavaScript files served
with bogus content-type header)

Version 2.5.1-signed 525.3 kB Fonctionne avec Firefox 3.0.9 et supérieures, Mobile 1.0 - 2.0a1pre, SeaMonkey 2.0 et supérieures

v 2.5
=========================================================================
+ [XSS] Improved XML handling algorithm preserves E4X detection accuracy
while removing false positives, e.g. against OAUTH payloads
x Work-around for additional browser tools placed on the bottom of the
content messing with NoScript's notification height (thanks ochristi
for report)
x [XSS] Added exception for self-injecting yahoo.com/yimg.com frames (can
be disabled by setting the noscript.filterXExceptions.yahoo
about:config preference to false)
x Fixed placeholders for absolutely positioned elements may cause layout
glitches (thanks al_9x for reporting)
x Fixed interaction with built-in Firefox's click-to-play causing
infinite object activation loop (thanks al_9x for reporting)