Age | Commit message (Collapse) | Author |
|
|
|
No template code ended up being drawn from JShelter.
|
|
Ensure build.sh can deal with arbitrary build directories.
|
|
Currently includes targets for unpacked versions and zips
|
|
|
|
|
|
|
|
|
|
|
|
through Hydrilla)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
All page's CSP rules are now removed when a payload is to be injected. When there is no payload, CSP rules are not modified but only supplemented with Hachette's own.
|
|
|
|
pages where CSP doesn't work
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This has not been tested yet. Additionally, functionality for blocking of `data:' urls needs to be re-enabled.
|
|
|
|
introduces `light_storage' module which is later going to replace the storage code we use right now.\nAlso included is a hack to properly display scrollbars under Mozilla (needs testing on newer Mozilla browsers).
|
|
|
|
|
|
the import dialog
|
|
of the import popup
|
|
|
|
|
|
|
|
|
|
changes the semantics of triple asterisk wildcard in URL path.
|
|
|
|
implementation is no longer pulled in contexts that don't require it.
|
|
injected scripts
|
|
This commit adds a mechanism of hijacking document when it loads and injecting sanitized nodes to the DOM from the level of content script.
|
|
|
|
|
|
|
|
|
|
|
|
It turns out modifying the CSP headers in meta tags has no effect.
|
|
|