NoScript Security Suite-versiegeschiedenis

414 versies

Wees voorzichtig met oude versies!

Deze versies worden ter referentie en voor testdoeleinden weergegeven. U dient altijd de meest recente versie van een add-on te gebruiken.

Versie 10.1.6.5 361.7 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.6.5
=============================================================
+ Context menu on web pages to access main UI
x Fixed UI regression showing only the two rightmost
components of IPv4 addresses
x [XSS] More specific and unobtrusive handling of window.name
sanitization
x Fixed "XSS User Choices" not being included in Export files

Versie 10.1.6.4 361.8 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.6.4
=============================================================
x Fixed race condition on XSS filter first load
x Fixed duplicate entries in UI on page reloads (thanks 8-bit
for reporting)
+ Spinner for long sites lists in Options page
- Removed obsolete work-around for accidental TRUSTED preset
wiping
x [UI] Fixed clicking on capability's label doesn't toggle
the related checkbox (thanks dhouwn and olf for reporting)
x [XSS] Fixed false positives on badly encoded URLs (thanks
sage11 for reporting)

Versie 5.1.8.4 759.1 KiB Werkt met Firefox 45.0 - 56.0, SeaMonkey 2.42 - *

v 5.1.6.4
=============================================================
x Fixed XSS false positive on some Facebook embeddings
(thanks barbaz for reporting)
x Fixed edge case origin checks for WebExtensions embedded in
privileged documents
x Fixed DNT support initialization regression (thanks barbaz
for reporting)
x [XSS] Fixed false positives on badly encoded URLs (thanks
sage11 for reporting)
x Script Surrogates don't affect privileged URLs anymore,
unless the noscript.surrogate.matchPrivileged about:config
preference is set to true (thanks barbaz for RFE)
x [e10s] Fixed temporary permissions inter-process sync issue
(thanks to the TorBrowser team for solution)

Versie 10.1.6.3 361.3 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.6.3
=============================================================
x Improved tooltip clarity
x Added version number to the browser action tooltip (thanks
therube for RFE)
x More restrictive domain matching in the main UI for "fake"
TLDs, showing pseudo 2nd level domains containing one dot
x Domain matching now treats unknown no-dot domains (not in
the public suffixes list) as TLDs everywhere (fix finally
not overwritten by auto-generated tld.js)
x Fixed rc4 regression causing synchronized changes not to be
persisted
x Smarter XSS popup behavior when reporting concurrent events
from/to the same origins
x Fixed full breakage when sync storage is disabled
x Improved layout on small screens (less than 10cm wide)
x Moved preset customization into its own (more discoverable)
global Options section, rather than embedded in assignment
x Improved validation of manual entries
x Needed capabilities highlighted also on short-hand domain
matched entries inside the CUSTOM preset
x Domain matching now works also for manually entered TLDs
and pseudo-TLDs, such as "gov.us" or "cloudflare.net"

Versie 10.1.6.2 360.4 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.6.2
=============================================================
+ Individual temporary / permanent TRUSTED preset buttons
- Removed customizability of DEFAULT, TRUSTED and UNTRUSTED
preset from the popup (reported as a major source of
confusion) while keeping it in the Options tab
x Better display on mobile devices in portrait mode
x Fixed focus bug on mobile devices
x Fixed confirmation prompt when loading Site Info for the
first time being ignored
x Fixed import feature failing on some full JSON "Classic"
export files (thanks Floe for reporting)
x Fixed policy serialization bug causing temporary TRUSTED
sites to be listed in the UNTRUSTED array as well (thanks
pal1000 for reporting)
x Fixed action icon being disabled on Options tabs and not
re-enabled when navigating away in the same tab (thanks
geek99 for reporting)

Versie 10.1.6.1 344.2 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.6.1
=============================================================
x Reduced UI sizes in desktop version
x Work-around for Firefox bug preventing the Export button
from working on non-Windows platforms

Versie 10.1.6 344.3 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.6
=============================================================
x [XSS] Improved sensitivity of JSON whitelisting (thanks
@SamuraiFoochs for reporting)
x [XSS] Improved specificity of nested URL checks (thanks
@SamuraiFoochs for reporting)
x New configuration export implementation, more convoluted
but not requiring the "downloads" permission

Versie 10.1.5.9 344.8 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.5.9
=============================================================
x Fixed some XSS false positives
x Fixed out of scale rendering regression on high DPI screens

Versie 10.1.5.8 347.3 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.5.8
=============================================================
+ Fix for linux rendering performance issues
+ First "Quantum" release candidate with Android support
x Inverted order of domains vs full sites in popup

Versie 10.1.5.7 343.6 KiB Werkt met Firefox 57.0 en hoger

v 10.1.5.7
=============================================================
+ Settings import functionality, backward compatible with
NoScript 5 formats
+ Settings export functionality
+ [XSS] The filter now automatically skips embedded documents
which would normally be blocked
x Base domain matching now uses a single dot rule for unknown,
private or "fake" TLDs (e.g. www.acme.corp → acme.corp)
x [XSS] Fixed regression from 10.1.5.6rc2 (thanks Masato
Kinugava for reporting)
x Better feedback for errors in the policy's debug JSON view
(thanks E-Raser for RFE)

Versie 5.1.8.3 759.1 KiB Werkt met Firefox 45.0 - 56.0, SeaMonkey 2.42 - *

v 5.1.8.3
=============================================================
x [XSS] Fixed regression (thanks Masato Kinugava for report)

Versie 10.1.5.6 342.0 KiB Werkt met Firefox 57.0 en hoger

v 10.1.5.6
=============================================================
- removed yandex.st from default whitelist (see
https://forums.informaction.com/viewtopic.php?t=23655)
x [XSS] Streamlined multiple unescaping standards handling
x [XSS] Generalized work-around for browser's URL parsing
oddities (thanks Masato Kinugava for reporting)
+ "Temporarily set top-level sites to TRUSTED" option
x [XSS] Fixed user choices forgot across browser sessions

Versie 5.1.8.2 759.0 KiB Werkt met Firefox 45.0 - 56.0, SeaMonkey 2.42 - *

v 5.1.8.2
=============================================================
x [ABE] Restored Palemoon compatibility (thanks barbaz for
patch)
x [ABE] Fixed ruleset persistence (thanks barbaz for patch)
- removed yandex.st from default whitelist (see
https://forums.informaction.com/viewtopic.php?t=23655)
x [XSS] Streamlined multiple unescaping standards handling

Versie 10.1.5.5 341.9 KiB Werkt met Firefox 57.0 en hoger

v 10.1.5.5
=============================================================
+ [UI] Clicking on the domain label now opens the "Security
and privacy info" webpage (like middle click on "Classic").
+ "Reset to Defaults" button in the options window
x Improved content script initialization logic (thanks Rob Wu
for suggestions)
x [XSS] Fixed 2nd level interactive bypass (thanks Masato
Kinugava for reporting)
x Fixed sites manually added from the Options textbox don't
stick (thanks Just_Golem for reporting)

Versie 5.1.8.1 759.0 KiB Werkt met Firefox 45.0 - 56.0, SeaMonkey 2.42 - *

v 5.1.8.1
=============================================================
x [XSS] Fixed 2nd level interactive bypass (thanks Masato
Kinugava for reporting)

Versie 10.1.5.4 341.9 KiB Werkt met Firefox 57.0 en hoger

v 10.1.5.4
=============================================================
+ [UI] Clicking on the domain label now opens the "Security
and privacy info" webpage (like middle click on "Classic").
+ "Reset to Defaults" button in the options window
x Improved content script initialization logic (thanks Rob Wu
for suggestions)
x [XSS] Fixed 2nd level interactive bypass (thanks Masato
Kinugava for reporting)
x Fixed sites manually added from the Options textbox don't
stick (thanks Just_Golem for reporting)

Versie 10.1.5.3 346.8 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.5.3
=============================================================
x Fixed regression causing NoScript to ask to reload pages in
order to show permissions more than once upon installation
- Removed most animations causing older system to lag when
large permissions lists are displayed in Options

Versie 10.1.5.2 346.8 KiB Werkt met Firefox 57.0 en hoger

v 10.1.5.2
=============================================================
x Improved work-around for blank windows on Linux Firefox bug
x Fixed XSS false positives on POST requests without data

Versie 10.1.5.1 347.2 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.5.1
=============================================================
x Fixed regression from new "fail fast" XSS filter main loop,
causing cross-site requests to Google to trigger false
positives (thanks Steve M for reporting)

Versie 10.1.5 347.1 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.5
=============================================================
+ [XSS] Added "Always block requests from ... to ..." in XSS
warning prompt
x [XSS] Fixed url decoding bug (thanks Masato Kinugawa for
reporting)
x Fixed some blocked items not reported in the UI (thanks Bo
Elam for reporting)
x Changed the CSP internal report URI to noscript-csp.invalid
(thanks Tom Schuster Mario Heiderich for RFE)
- Removed unused MSE detection code (thanks Rob Wu for
reporting)

Versie 10.1.4 346.6 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.4
=============================================================
x Fixed script enablement feedback dependant on page's own
CSP (thanks Rob Wu for reporting)
x Fixed MSE detection injection using window.eval (thanks
Rob Wu for reporting)
x Fixed window being resized and NoScript UI shown in a
separate popup when triggered on a maximized window
x General performance improvement by removing unnecessary
asynchronous webRequest listeners

Versie 10.1.3 345.9 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.3
=============================================================
x Hotfix for wiped TRUSTED permissions
x Hotfix for NoScript failing to load if XSS was disabled in
previous session

Versie 10.1.3c3 345.8 KiB Werkt met Firefox voor Android 57.0 en hoger, Firefox 57.0 en hoger

v 10.1.3rc3
=============================================================
x Fixed immutable permissions for TRUSTED and UNTRUSTED
presets negating all the others (thanks Stefan Scholl for
reporting)
x Work-around for Moz Bug #1402110 (thanks David Ross for
reporting)
x Fixed XSS whitelist not being cleared from Options
x Fixed XSS whitelist trying to using sync even if disabled (
thanks Rob Wu for reporting)

Versie 10.1.3c1 340.3 KiB Werkt met Firefox 57.0 en hoger

v 10.1.3rc1
=============================================================
+ Work-around for Firefox not displaying NOSCRIPT elements on
pages where scripts are blocked by CSP
+ The Alt+Shift+N shortcut now opens the NoScript UI also on
windows with no toolbars containing NoScript's icon
x "unsafe" (non-HTTPS) matching is now automatically selected
on non-HTTPS pages (fixes the perception that you set a
site to TRUSTED and it reverted to DEFAULT)
x Full addresses are shown again to be choosen in UI, together
with base domains
x Better auto-reload logic
x Fixed NoScript back-end to work also if sync storage is
disabled (thanks Rob Wu for reporting)
x Fixed potential fingerprinting through placeholder icon
(thanks Rob Wu for reporting)

Versie 10.1.2 308.5 KiB Werkt met Firefox 57.0 en hoger

v 10.1.2
=============================================================
+ Added "Revoke temporary permissions" button
+ Added "Temporarily allow all this page" button
x Simplified popup listing, showing base domains only (full
origin URLs can still be entered in the Options window to
further tweak permissions)
x Fixed UI not launching in Incognito mode
x Fixed changing permissions in the CUSTOM preset affecting
the DEFAULT permissions sometimes
x Fixed UI almost unusable in High Contrast mode
x Fixed live bookmark feeds blocked if "fetch" permissions
were not given
x Fixed background requests from other WebExtensions being
blocked

Versie 10.1.1 570.7 KiB Werkt met Firefox 57.0 en hoger

10.1.1
=============================================================
+ First pure WebExtension release.
+ CSP-based first-party script script blocking
+ Active content blocking with DEFAULT, TRUSTED, UNTRUSTED and
CUSTOM (per site) presets
+ Extremely responsive XSS filter leveraging the webRequest asynchronous API
+ On-the-fly cross-site requests whitelisting

Next to come: ClearClick and ABE (in the next few weeks).

Versie 5.1.7 758.9 KiB Werkt met Firefox 45.0 - 56.*, SeaMonkey 2.42 - *

5.1.7
=============================================================
x [Surrogate] Fixed regression breaking source matching in
5.1.6 (thanks astian for reporting)

Versie 5.1.6 758.9 KiB Werkt met Firefox 45.0 - 56.*, SeaMonkey 2.42 - *

5.1.6
=============================================================
x [Fx58] Fixed complete breakage due to nsIPrefBranch changes
in 58 (for Firefox Developer Edition users)

Versie 5.1.5 758.6 KiB Werkt met Firefox 45.0 - 56.*, SeaMonkey 2.42 - *

v 5.1.5
=============================================================
x Fixed content process cross-framescript leak (thanks
dorando for patch)
x [ESR] Fixed bookmarklets not being executed (thanks Jim
Thompson for reporting)

Versie 5.1.4 791.7 KiB Werkt met Firefox 45.0 - 56.*, SeaMonkey 2.42 - *

v 5.1.4
=============================================================
x [Nightly] Fixed Import/Export Options button
x Fixed bookmarlets broken when scripts globally allowed
(thanks filip for reporting)
x [Tor Browser] Fixed jumping icon on updates (ticket #23968)
x [Surrogate] Better sandbox memory management
- Removed special Add-ons manager uninstall warning hooks