summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2021-09-10Make it impossible to check "Allow native scripts" for pages with payload.Wojtek Kosior
2021-09-10limit allowed pattern lengthsWojtek Kosior
2021-09-09restore compatibility with IceCat 60Wojtek Kosior
2021-09-09simplify CSP handling...Wojtek Kosior
2021-09-08Fix sanitizing of non-HTML XMLDocument'sWojtek Kosior
2021-09-06re-enable sanitizing of data: URLs and also sanitize intrinsics on non-HTML p...Wojtek Kosior
2021-09-06generate Chromium unique key automatically in `build.sh'Wojtek Kosior
2021-09-04fix script blocking bug under ChromiumWojtek Kosior
2021-09-04update documentation link in the READMEWojtek Kosior
2021-09-04show appropriate message when repository returns no custom content for given URLWojtek Kosior
2021-09-04merge changes before version 0.1Wojtek Kosior
2021-09-03limit width of url in popup headingWojtek Kosior
2021-09-03disable payload injection on non-html pagesWojtek Kosior
2021-09-03only apply stream filter modifications when reasonably necessaryWojtek Kosior
2021-09-02implement rethinked <meta> tags sanitizing approach...Wojtek Kosior
2021-09-02also require "unlimitedStorage" permission to avoid surprise laterWojtek Kosior
2021-09-02enable toggling of global script blocking policy\n\nThis commit also introduc...Wojtek Kosior
2021-09-01add styling to settings install(import) dialogWojtek Kosior
2021-09-01change descriptionWojtek Kosior
2021-09-01add styling for popup page\n\nThis does not include styling for contents of t...Wojtek Kosior
2021-08-30add styling for options page\n\nThis does not include styling for contents of...Wojtek Kosior
2021-08-27reset CSS rulesWojtek Kosior
2021-08-27start using `<template>' tagWojtek Kosior
2021-08-27put simplest, asynchronous local storage operations in a separate fileWojtek Kosior
2021-08-27add support for `ftp://' protocolWojtek Kosior
2021-08-27enable whitelisting of `file://' protocol\n\nThis commit additionally also ch...Wojtek Kosior
2021-08-26filter HTTP request headers to remove Hachette cookies in case they slip throughWojtek Kosior
2021-08-26improve signing\n\nSignature timestamp is now handled in a saner way. Sha256 ...Wojtek Kosior
2021-08-23use StreamFilter under Mozilla to prevent csp <meta> tags from blocking our i...Wojtek Kosior
2021-08-20sanitize `<meta>' tags containing CSP rules under Chromium...Wojtek Kosior
2021-08-18remove unneeded policy-related cosole messages; restore IceCat 60 compatibilityWojtek Kosior
2021-08-18implement smuggling via cookies instead of URLWojtek Kosior
2021-08-18enhance our bundler to protect top-level `this' from accidental clobberingWojtek Kosior
2021-08-14merge facility to install from HydrillaWojtek Kosior
2021-08-14merge csp-PoCWojtek Kosior
2021-08-14Revert changes to content/main.js to commit 25817b68c*...jahoti
2021-08-10change default repository URLWojtek Kosior
2021-08-06Facilitate installation of scripts from the repository...Wojtek Kosior
2021-08-05enable modularization of html filesWojtek Kosior
2021-08-04make settings_query.js use storage object passed as an argumentWojtek Kosior
2021-08-02[UNTESTED- will test] Add filtering for http-equiv CSP headersjahoti
2021-07-28Rationalize CSP violation report blocking....jahoti
2021-07-27validate settings on importWojtek Kosior
2021-07-26provide a facility to sanitize externally-obtained JSONWojtek Kosior
2021-07-26code maintenanceWojtek Kosior
2021-07-26Squash more CSP-filtering bugs...jahoti
2021-07-26Fix some bugs in the refined CSP handlingjahoti
2021-07-26[UNTESTED- will test] Use more nuanced CSP filtering...jahoti
2021-07-26Remove unnecessary imports of url_item and add a CSP header-parsing function...jahoti
2021-07-23extract observables implementation from storage.jsWojtek Kosior