Navigation:
Browse pkgsrc
(this page) 2021-01-03 20:02:52 by Thomas Klausner | Files touched by this commit (2) |  |
Log message: tor-browser-noscript: update to 11.1.7. v 11.1.7 ============================================================ x Optimize serviceWorker tracking for heavy tabs usage (thanks vadimm and barbaz for investigation) x Force placeholder visibility on Youtube embeddings x Fixed popup opening being slowed down if options UI is opened (thanks Sirus for report) x Explicit failure for wrong settings importation formats x Updated TLDs v 11.1.7rc3 ============================================================ x Updated TLDs x Optimize serviceWorker tracking for heavy tabs usage (thanks vadimm and barbaz for investigation) x Force placeholder visibility on Youtube embeddings v 11.1.7rc2 ============================================================ x Fixed popup opening being slowed down if options UI is opened (thanks Sirus for report) v 11.1.7rc1 ============================================================ x Explicit failure for wrong settings importation formats v 11.1.6 ============================================================ x Better handling of concurrent prompts issues (thanks billarbor for reporting) x Remove z-index boosting from ancestors when placeholder is collapsed or replaced (issue #162) x Fixed permission keyboard shortcuts being triggered with modifiers like CTRL (thanks barbaz for report) x More accurate blockage reporting, with better filtering of page's own CSP effects x [UI] Fixed bug in CUSTOM sites filtering (thanks barbaz for reporting) x Fixed bug in automatic HTML events build-time updates x Updated HTML events x Updated TLDs x [L10n] Updated sv_SE x Better handling 0 width / 0 height media placeholders v 11.1.6rc6 ============================================================ x Better handling of concurrent prompts issues (thanks billarbor for reporting) v 11.1.6rc5 ============================================================ x Remove z-index boosting from ancestors when placeholder is collapsed or replaced (issue #162) v 11.1.6rc4 ============================================================ x Fixed permission keyboard shortcuts being triggered with modifiers like CTRL (thanks barbaz for report) v 11.1.6rc3 ============================================================ x More accurate blockage reporting, with better filtering of page's own CSP effects v 11.1.6rc2 ============================================================ x [UI] Fixed bug in CUSTOM sites filtering (thanks barbaz for reporting) x Fixed bug in automatic HTML events build-time updates x Updated HTML events x Updated TLDs v 11.1.6rc1 ============================================================ x Updated TLDs x [L10n] Updated sv_SE x Better handling 0 width / 0 height media placeholders |
| 2020-11-12 22:10:49 by Thomas Klausner | Files touched by this commit (2) | |
Log message: tor-browser-noscript: update to 11.1.5. v 11.1.5 ============================================================ x Updated TLD x Fixed potential infinite loop via DOMContentLoaded x Work-around for Firefox 82 media redirection bug (thanks ppxxbu and skriptimaahinen) x Updated TLDs v 11.1.5rc2 ============================================================ x Updated TLD x Fixed potential infinite loop via DOMContentLoaded v 11.1.5rc1 ============================================================ x Work-around for Firefox 82 media redirection bug (thanks ppxxbu and skriptimaahinen) x Updated TLDs v 11.1.4 ============================================================ x Fixed sloppy CSP media blocker detection breaking MSE blob: media placeholders on Chromium x Fixed race condition causing temporary settings not to survive updates sometimes x Updated TLDs x [Mobile] Improved prompts appearance on Android v 11.1.4rc3 ============================================================ x Fixed sloppy CSP media blocker detection breaking MSE blob: media placeholders on Chromium v 11.1.4rc2 ============================================================ x Fixed race condition causing temporary settings not to survive updates sometimes v 11.1.4rc1 ============================================================ x Updated TLDs x [Mobile] Improved prompts appearance on Android |
| 2020-10-31 01:54:38 by Thomas Klausner | Files touched by this commit (2) | |
Log message: tor-browser-noscript: update to 11.1.3. v 11.1.3 ============================================================ x Fixed regression: document media and font restrictions always cascaded (thanks BrainDedd for report) x Remove domPolicy logging when debugging is off x Trivial reordering from Mozilla source x Updated TLDs v 11.1.1 ============================================================ x Updated TLDs x Better heuristic to figure out missing data while computing contextual policies x Fixed regression breaking per-tab restrictions disablement (thanks Horsefly for report) v 11.1.0 ============================================================ x Improved blocking of media documents unaffected by webRequest x Automatically init tag message with last changelog x Improved NOSCRIPT element emulation compatibility with XML documents x webNavigation.onCommitted + tabs.executeScript to deliver DOM policies earlier whenever possible x Partial work-around for Fx 80 file:// documents parsing inconsistencies (further fix for issue #156) x Cache policy on top document for file:// subdocuments (fixes issue #156) x Enforce more restrictive CSP on media/object documents x Better cross-browser media handling x [Mobile] Use tabs as prompts if the browser.windows API is missing x Fix browser UI for image, audio and video content being partially broken on file:// URLs x Normalize file:// directory paths on Firefox x Allow browser UI scripts for file:// directory navigation x Updated TLDs x [L10n] Updated mk v 11.1.0rc2 ============================================================ x Improved blocking of media documents unaffected by webRequest x Automatically init tag message with last changelog v 11.1.0rc1 ============================================================ x Improved NOSCRIPT element emulation compatibility with XML documents v 11.0.47rc6 ============================================================ x webNavigation.onCommitted + tabs.executeScript to deliver DOM policies earlier whenever possible x Fixed typo causing CSP-based media blocking to skip requests with no content-type header v 11.0.47rc5 ============================================================ x Partial work-around for Fx 80 file:// documents parsing inconsistencies (further fix for issue #156) v 11.0.47rc4 ============================================================ x Cache policy on top document for file:// subdocuments (fixes issue #156) x Updated TLDs x Enforce more restrictive CSP on media/object documents v 11.0.47rc3 ============================================================ x Better cross-browser media handling x Improved file: directory path normalization v 11.0.47rc2 ============================================================ x [Mobile] Use tabs as prompts if the browser.windows API is missing v 11.0.47rc1 ============================================================ x Fix browser UI for image, audio and video content being partially broken on file:// URLs x Normalize file:// directory paths on Firefox x Allow browser UI scripts for file:// directory navigation x Updated TLDs x [L10n] Updated mk |
| 2020-09-23 21:03:10 by Thomas Klausner | Files touched by this commit (2) | |
Log message: tor-browser-noscript: update to 11.0.46. (would have to be pulled up anyway) v 11.0.46 ============================================================ x Updated TLDs x [L10n] Updated is x Fixed file:// and ftp:// specific content scripts not runnning in subdocuments x Fixed deferred scripts in file:// pages may run twice (issue #155) x Fixed rendering bug with scrolled file:// pages on soft reload (thanks Iouri for report) x Fixed 11.0.44 regression: ghost media item reported on every page x Better emulation of SVG events v 11.0.45rc5 ============================================================ x Updated TLDs x [L10n] Updated is x Fixed file:// and ftp:// specific content scripts not runnning in subdocuments v 11.0.45rc4 ============================================================ x Fixed deferred scripts in file:// pages may run twice (issue #155) v 11.0.45rc3 ============================================================ x Fixed rendering bug with scrolled file:// pages on soft reload (thanks Iouri for report) v 11.0.45rc2 ============================================================ x Fixed 11.0.44 regression: ghost media item reported on every page v 11.0.45rc1 ============================================================ x Better emulation of SVG events v 11.0.44 ============================================================ x Dispatch synthetic SVGLoad event in soft load when needed x [L10n] Updated da, es x Fixed namespacing issues with script replacements x Fixed media placeholder not shown when blocking Youtube movies x Work around for unpredictable content script execution order x Ensure content of NoScript prompts is always visible x Fixed soft reload messing with non UTF-8 encodings (thanks "Quest" for reporting) x Updated TLDs x [XSS] Fixed escape detection bug causing strage false positives (thanks Dave Howorth for report) v 11.0.44rc7 ============================================================ x Better reflect event firing order in soft reload emulation v 11.0.44rc6 ============================================================ x [L10n] Updated da x Dispatch synthetic SVGLoad event in soft load when needed v 11.0.44rc5 ============================================================ x Fixed typo v 11.0.44rc4 ============================================================ x Fixed namespacing issues with script replacements x Fixed typo in content script ordering work-around v 11.0.44rc3 ============================================================ x Fixed media placeholder not shown when blocking Youtube movies x Work around for unpredictable content script execution order x Ensure content of NoScript prompts is always visible v 11.0.44rc2 ============================================================ x Fixed soft reload messing with non UTF-8 encodings (thanks "Quest" for reporting) v 11.0.44rc1 ============================================================ x Updated TLDs x [L10n] Updated es x [XSS] Fixed escape detection bug causing strage false positives (thanks Dave Howorth for report) x Fixed markup typo v 11.0.43 ============================================================ x Fix for some race conditions causing corruptions in non-HTML non-XML documents v 11.0.42 ============================================================ x Avoid useless "seen" reports from onBeforeRequest() x Catch broadcast messaging errors x Make build.sh tag push even already created tags x Updated TLDsm x Work-around for applying DOM CSP to non-HTML XML documents (thanks skriptimaahinen) x Document freezing to handle SVG and other XML documents as a fallback before CSP insertion x Refactored and improved syncFetchPolicy fallback for file: and ftp: special cases v 11.0.42rc8 ============================================================ x Avoid useless "seen" reports from onBeforeRequest() x Catch broadcast messaging errors x Make build.sh tag push even already created tags v 11.0.42rc7 ============================================================ x Updated TLDs x Let injected CSP prevent onload events from firing on unfrozen embedded elements x Work-around for applying DOM CSP to non-HTML XML documents (thanks skriptimaahinen) v 11.0.42rc6 ============================================================ x Document freezing to handle SVG and other XML documents impervious to CSP on Mozilla v 11.0.42rc5 ============================================================ x Skip soft reload if not needed v 11.0.42rc4 ============================================================ x XML-compatible soft reload v 11.0.42rc3 ============================================================ x "Soft reload" approach to fix file: and ftp: issues v 11.0.42rc2 ============================================================ x SyncMessage suspending on DOMContentLoaded x Updated TLDs v 11.0.42rc1 ============================================================ x Refactored and improved syncFetchPolicy fallback for file: and ftp: special cases |
| 2020-08-26 22:08:15 by Thomas Klausner | Files touched by this commit (2) | |
Log message: tor-browser-noscript: update to 11.0.41. v 11.0.41rc2 ============================================================ x More precise event suppression mechanism x Fixed regression: events suppressed on file:// pages unless scripts are allowed x Updated TLDs v 11.0.41rc2 ============================================================ x More precise event suppression mechanism v 11.0.41rc1 ============================================================ x Fixed regression: events suppressed on file:// pages unless scripts are allowed x Updated TLDs v 11.0.40 ============================================================ x Avoid synchronous policy fetching whenever possible (fixes multiple issues) v 11.0.40rc2 ============================================================ x Avoid synchronous policy fetching whenever possible v 11.0.40rc1 ============================================================ x Handle edge case in file:// pages: policy change and reload before DOMContentLoaded v 11.0.39 ============================================================ x Fix reload loops on broken file: HTML documents (thanks bernie for report) x [XSS] Updated HTML event attributes x Local policy fallback for file: and ftp: URLs using window.name rather than sessionStorage x [L10n] Updated bn, br, ca, da, de, el, es, fr, he, is, it, ja, lt, mk, ms, nb, nl, pl, pt_BR, ru, sq, sv_SE, tr, zh_CN, zh_TW x Added "Revoke temporary permissions on NoScript updates, even if the browser is not restarted" advanced option x Let temporary permissions survive NoScript updates (shameless hack) x Fixed some traps around Messages abstraction x Ignore search / hash on policy matching of domain-less URLs (e.g. file:///...) x Updated TLDs x Fixed automatic scrolling hampers usability on long sites lists in popup x Better timing for event attributes removal/restore x Work-arounds for edge cases in synchronous page loads bypassing webRequest (thanks skriptimaahinen) v 11.0.39rc8 ============================================================ x Several hacks to make non-distruptive updates compatible with Chromium x Tighten localPolicy persistence mechanism during reloads v 11.0.39rc7 ============================================================ x Temporary settings survival more resilient and compatible with Fenix x [L10n] Updated es v 11.0.39rc6 ============================================================ x Fix reload loops on broken file: HTML documents (thanks bernie for report) x [XSS] Updated HTML event attributes v 11.0.39rc5 ============================================================ x Local policy fallback for file: and ftp: URLs using window.name rather than sessionStorage x [L10n] Updated bn, br, ca, da, de, el, es, fr, he, is, it, ja, lt, mk, ms, nb, nl, pl, pt_BR, ru, sq, sv_SE, tr, zh_CN, zh_TW x Renamed option to "Revoke temporary permissions on NoScript updates, even if the browser is not restarted" v 11.0.39rc4 ============================================================ x Added option to forget temporary settings immediately whenever NoScript gets updated x Fixed regression: file:/// URLs reloaded whenever NoScript gets reinstalled / enabled / reloaded x More resilient and easy to debug survival data retrieving v 11.0.39rc3 ============================================================ x Fixed regression causing manual NoScript downgrades to be delayed until manual restart v 11.0.39rc2 ============================================================ x Let temporary permissions survive NoScript updates (shameless hack) x Fixed some traps around Messages abstraction x Ignore search / hash on policy matching of domain-less URLs (e.g. file:///...) x Removed useless CSS property x Updated TLDs v 11.0.39rc1 ============================================================ x Updated TLDs x Fixed automatic scrolling hampers usability on long sites lists in popup x Fixed typo in vendor-prefixed CSS v 11.0.38rc2 ============================================================ x Better timing for event attributes removal/restore v 11.0.38rc1 ============================================================ x Work-arounds for edge cases in synchronous page loads bypassing webRequest (thanks skriptimaahinen) x [L10n] Updated bn v 11.0.38 ============================================================ x Better timing for event attributes removal/restore x Work-arounds for edge cases in synchronous page loads bypassing webRequest (thanks skriptimaahinen) x [L10n] Updated bn v 11.0.38rc2 ============================================================ x Better timing for event attributes removal/restore v 11.0.38rc1 ============================================================ x Work-arounds for edge cases in synchronous page loads bypassing webRequest (thanks skriptimaahinen) x [L10n] Updated bn v 11.0.37 ============================================================ x Simpler and more reliable sendSyncMessage implementation and usage x sendSyncMessage support for multiple suspension requests (should fix extension script injection issues) x Updated TLDs v 11.0.37rc3 ============================================================ x Simpler and more reliable sendSyncMessage implementation and usage x Updated TLDs v 11.0.37rc2 ============================================================ x SyncMessage suspending on DOM modification as well x Updated TLDs v 11.0.37rc1 ============================================================ x Updated TLDs x sendSyncMessage support for multiple suspension requests (should fix extension script injection issues) v 11.0.36 ============================================================ x Fixed regression: temporary permissions revocation not working anymore on privileged pages x SendSyncMessage script execution safety net more compatible with other extensions (e.g. BlockTube) v 11.0.35 ============================================================ x Avoid unnecessary reloads on temporary permissions revocation x [UI] Removed accidental cyan background for site labels x [L10n] Updated es x Work-around for conflict with extensions inserting elements into content pages' DOM early x [XSS] Updated HTML events x Updated TLDs x Fixed buggy policy references in the Options dialog x More accurate NOSCRIPT element emulation x Anticipate onScriptDisabled surrogates to first script-src 'none' CSP violation x isTrusted checks for all the content events x Improved look in mobile portrait mode x Let SyncMessage prevent undesired script execution scheduled during suspension v 11.0.35rc4 ============================================================ x Avoid unnecessary reloads on temporary permissions revocation x Fixed potentially infinite loop in SyncMessage Firefox implementation x [UI] Removed accidental cyan background for site labels x [L10n] Updated es v 11.0.35rc3 ============================================================ x Work-around for conflict with extensions inserting elements into content pages' DOM early x [XSS] Updated HTML events v 11.0.35rc2 ============================================================ x Updated TLDs x Fixed buggy policy references in the Options dialog x More accurate NOSCRIPT element emulation x Anticipate onScriptDisabled surrogates to first script-src 'none' CSP violation x isTrusted checks for all the content events x Improved look in mobile portrait mode v 11.0.35rc1 ============================================================ x Let SyncMessage prevent undesired script execution scheduled during suspension |
| 2020-07-29 09:02:59 by Thomas Klausner | Files touched by this commit (2) | |
Log message: tor-browser-noscript: update to 11.0.34. v 11.0.34 ============================================================ x Fixed regression breaking network-based CSP injection v 11.0.33 ============================================================ x Switch from HTTP to DOM event based CSP reporting in compatible browsers x [XSS] Updated HTML event attributes x Updated TLDs |
| 2020-07-04 00:53:52 by Thomas Klausner | Files touched by this commit (2) | |
Log message: tor-browser-noscript: update to 11.0.32. v 11.0.32 ============================================================ x [L10n] Updated it, mk, sv_SE x Fixed setting CUSTOM permissions in private mode may cause the TRUSTED preset to become temporary x Updated TLDs x [XSS] Updated HTML 5 events support x More compact high contrast appearance v 11.0.31 ============================================================ x Focus "OK" button on dialog-mode UI x Fixed various toolbar buttons DnD issues x Updated TLDs x [L10n] Updated bn, br, ca, da, de, el, es, fr, he, is, it, ja, lt, mk, ms, nb, nl, pl, pt_BR, ru, sq, sv_SE, tr, zh_CN, zh_TW x Fixed very low contrast HTTPS-only label in High Contrast mode v 11.0.31rc2 ============================================================ x Focus "OK" button on dialog-mode UI x [L10n] Updated da x Fixed various toolbar buttons DnD graphic issues x Updated TLDs v 11.0.31rc1 ============================================================ x [L10n] Updated bn, br, ca, da, de, el, es, fr, he, is, it, ja, lt, mk, ms, nb, nl, pl, pt_BR, ru, sq, sv_SE, tr, zh_CN, zh_TW x Fixed very low contrast HTTPS-only label in High Contrast mode x More precise DnD of toolbar buttons + work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=568313 |
| 2020-06-06 22:55:14 by Thomas Klausner | Files touched by this commit (2) | |
Log message: tor-browser-noscript: update to 11.0.30. v 11.0.30 ============================================================ x Discoverable option to force site-leaking UI in PBM/Incognito x [L10n] Updated he x Easier keyboard navigation of preset configuration x Yellow-less UI palette |
| 2020-04-28 21:34:51 by Thomas Klausner | Files touched by this commit (4) |
Log message: security/tor-browser-noscript: import tor-browser-noscript-11.0.25 The NoScript Firefox extension provides extra protection for browsers: this free, open source add-on allows JavaScript, Java, Flash, and other plugins to be executed only by trusted web sites of your choice (e.g., your online bank). |
New packages: