aboutsummaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2021-10-01add shell script facilitating generation of JWTWojtek Kosior
2021-09-15Add default repository to default settingsnickjahoti
2021-09-14bump version to 0.1Wojtek Kosior
2021-09-14use default settings that only contain a demo script (the rest is available t...Wojtek Kosior
2021-09-13rename the extension to "Haketilo"Wojtek Kosior
2021-09-11added missing line break in options pageWojtek Kosior
2021-09-10disable service workers when scripts are blockedWojtek Kosior
2021-09-10Make it impossible to check "Allow native scripts" for pages with payload.Wojtek Kosior
2021-09-10limit allowed pattern lengthsWojtek Kosior
2021-09-09restore compatibility with IceCat 60Wojtek Kosior
2021-09-09simplify CSP handling...All page's CSP rules are now removed when a payload is to be injected. When there is no payload, CSP rules are not modified but only supplemented with Hachette's own. Wojtek Kosior
2021-09-08Fix sanitizing of non-HTML XMLDocument'sWojtek Kosior
2021-09-06re-enable sanitizing of data: URLs and also sanitize intrinsics on non-HTML p...Wojtek Kosior
2021-09-06generate Chromium unique key automatically in `build.sh'Wojtek Kosior
2021-09-04fix script blocking bug under ChromiumWojtek Kosior
2021-09-04update documentation link in the READMEWojtek Kosior
2021-09-04show appropriate message when repository returns no custom content for given URLWojtek Kosior
2021-09-04merge changes before version 0.1Wojtek Kosior
2021-09-03limit width of url in popup headingWojtek Kosior
2021-09-03disable payload injection on non-html pagesWojtek Kosior
2021-09-03only apply stream filter modifications when reasonably necessaryWojtek Kosior
2021-09-02implement rethinked <meta> tags sanitizing approach...This has not been tested yet. Additionally, functionality for blocking of `data:' urls needs to be re-enabled. Wojtek Kosior
2021-09-02also require "unlimitedStorage" permission to avoid surprise laterWojtek Kosior
2021-09-02enable toggling of global script blocking policy\n\nThis commit also introduc...Wojtek Kosior
2021-09-01add styling to settings install(import) dialogWojtek Kosior
2021-09-01change descriptionWojtek Kosior
2021-09-01add styling for popup page\n\nThis does not include styling for contents of t...Wojtek Kosior
2021-08-30add styling for options page\n\nThis does not include styling for contents of...Wojtek Kosior
2021-08-27reset CSS rulesWojtek Kosior
2021-08-27start using `<template>' tagWojtek Kosior
2021-08-27put simplest, asynchronous local storage operations in a separate fileWojtek Kosior
2021-08-27add support for `ftp://' protocolWojtek Kosior
2021-08-27enable whitelisting of `file://' protocol\n\nThis commit additionally also ch...Wojtek Kosior
2021-08-26filter HTTP request headers to remove Hachette cookies in case they slip throughWojtek Kosior
2021-08-26improve signing\n\nSignature timestamp is now handled in a saner way. Sha256 ...Wojtek Kosior
2021-08-23use StreamFilter under Mozilla to prevent csp <meta> tags from blocking our i...Wojtek Kosior
2021-08-20sanitize `<meta>' tags containing CSP rules under Chromium...This commit adds a mechanism of hijacking document when it loads and injecting sanitized nodes to the DOM from the level of content script. Wojtek Kosior
2021-08-18remove unneeded policy-related cosole messages; restore IceCat 60 compatibilityWojtek Kosior
2021-08-18implement smuggling via cookies instead of URLWojtek Kosior
2021-08-18enhance our bundler to protect top-level `this' from accidental clobberingWojtek Kosior
2021-08-14merge facility to install from HydrillaWojtek Kosior
2021-08-14merge csp-PoCWojtek Kosior
2021-08-14Revert changes to content/main.js to commit 25817b68c*...It turns out modifying the CSP headers in meta tags has no effect. jahoti
2021-08-10change default repository URLWojtek Kosior
2021-08-06Facilitate installation of scripts from the repository...This commit includes: * removal of page_info_server * running of storage client in popup context * extraction of some common CSS to a separate file * extraction of scripts import view to a separate file * addition of a facility to conveniently clone complex structures from DOM (in DOM_helpers.js) * addition of hydrilla repo url to default settings * other minor changes and of course changes related to the actual installation of scripts from the repo Wojtek Kosior
2021-08-05enable modularization of html filesWojtek Kosior
2021-08-04make settings_query.js use storage object passed as an argumentWojtek Kosior
2021-08-02[UNTESTED- will test] Add filtering for http-equiv CSP headersjahoti
2021-07-28Rationalize CSP violation report blocking....Report blocking now applies iff scripts are blocked. jahoti
2021-07-27validate settings on importWojtek Kosior
generated by cgit