Subject: CVS commit: pkgsrc/security/tor-browser-noscript
From: Thomas Klausner
Date: 2020-09-23 21:03:10
Message id: 20200923190310.AF6E7FB28@cvs.NetBSD.org

Log Message:
tor-browser-noscript: update to 11.0.46.

(would have to be pulled up anyway)

v 11.0.46
============================================================
x Updated TLDs
x [L10n] Updated is
x Fixed file:// and ftp:// specific content scripts not
  runnning in subdocuments
x Fixed deferred scripts in file:// pages may run twice
  (issue #155)
x Fixed rendering bug with scrolled file:// pages on soft
  reload (thanks Iouri for report)
x Fixed 11.0.44 regression: ghost media item reported on
  every page
x Better emulation of SVG events

v 11.0.45rc5
============================================================
x Updated TLDs
x [L10n] Updated is
x Fixed file:// and ftp:// specific content scripts not
  runnning in subdocuments

v 11.0.45rc4
============================================================
x Fixed deferred scripts in file:// pages may run twice
  (issue #155)

v 11.0.45rc3
============================================================
x Fixed rendering bug with scrolled file:// pages on soft
  reload (thanks Iouri for report)

v 11.0.45rc2
============================================================
x Fixed 11.0.44 regression: ghost media item reported on
  every page

v 11.0.45rc1
============================================================
x Better emulation of SVG events

v 11.0.44
============================================================
x Dispatch synthetic SVGLoad event in soft load when needed
x [L10n] Updated da, es
x Fixed namespacing issues with script replacements
x Fixed media placeholder not shown when blocking Youtube
  movies
x Work around for unpredictable content script execution
  order
x Ensure content of NoScript prompts is always visible
x Fixed soft reload messing with non UTF-8 encodings (thanks
  "Quest" for reporting)
x Updated TLDs
x [XSS] Fixed escape detection bug causing strage false
  positives (thanks Dave Howorth for report)

v 11.0.44rc7
============================================================
x Better reflect event firing order in soft reload emulation

v 11.0.44rc6
============================================================
x [L10n] Updated da
x Dispatch synthetic SVGLoad event in soft load when needed

v 11.0.44rc5
============================================================
x Fixed typo

v 11.0.44rc4
============================================================
x Fixed namespacing issues with script replacements
x Fixed typo in content script ordering work-around

v 11.0.44rc3
============================================================
x Fixed media placeholder not shown when blocking Youtube
  movies
x Work around for unpredictable content script execution
  order
x Ensure content of NoScript prompts is always visible

v 11.0.44rc2
============================================================
x Fixed soft reload messing with non UTF-8 encodings (thanks
  "Quest" for reporting)

v 11.0.44rc1
============================================================
x Updated TLDs
x [L10n] Updated es
x [XSS] Fixed escape detection bug causing strage false
  positives (thanks Dave Howorth for report)
x Fixed markup typo

v 11.0.43
============================================================
x Fix for some race conditions causing corruptions in
  non-HTML non-XML documents

v 11.0.42
============================================================
x Avoid useless "seen" reports from onBeforeRequest()
x Catch broadcast messaging errors
x Make build.sh tag push even already created tags
x Updated TLDsm
x Work-around for applying DOM CSP to non-HTML XML documents
  (thanks skriptimaahinen)
x Document freezing to handle SVG and other XML documents
  as a fallback before CSP insertion
x Refactored and improved syncFetchPolicy fallback for file:
  and ftp: special cases

v 11.0.42rc8
============================================================
x Avoid useless "seen" reports from onBeforeRequest()
x Catch broadcast messaging errors
x Make build.sh tag push even already created tags

v 11.0.42rc7
============================================================
x Updated TLDs
x Let injected CSP prevent onload events from firing on
  unfrozen embedded elements
x Work-around for applying DOM CSP to non-HTML XML documents
  (thanks skriptimaahinen)

v 11.0.42rc6
============================================================
x Document freezing to handle SVG and other XML documents
  impervious to CSP on Mozilla

v 11.0.42rc5
============================================================
x Skip soft reload if not needed

v 11.0.42rc4
============================================================
x XML-compatible soft reload

v 11.0.42rc3
============================================================
x "Soft reload" approach to fix file: and ftp: issues

v 11.0.42rc2
============================================================
x SyncMessage suspending on DOMContentLoaded
x Updated TLDs

v 11.0.42rc1
============================================================
x Refactored and improved syncFetchPolicy fallback for file:
  and ftp: special cases

Files:
RevisionActionfile
1.6modifypkgsrc/security/tor-browser-noscript/Makefile
1.6modifypkgsrc/security/tor-browser-noscript/distinfo