aboutsummaryrefslogtreecommitdiff
path: root/TODOS.org
AgeCommit message (Collapse)Author
2021-06-28License script-blocking techniques from NoScript in machine-readable format.jahoti
In-page blocking now works on Firefox, and JavaScript/data- URLs are properly blocked to ensure no JavaScript leaks in through backdoors. Blocking of HTML/XML data: urls should be refined (eventually) to align with current practice for pages in general. Also, script-blocking is now filtered by nonce, making it possible (albeit perhaps not desirable) to inject scripts before the DOM is complete.
2021-06-25gather all copyright info in 'copyright' fileWojtek Kosior
2021-06-23Fix storage initialization on Icecat 60jahoti
This patch fixes storage initialization on Gecko browsers by switching from using a background page to using a list of scripts. It remains a mystery why that should have any effect; the only hint is that browser.runtime.onInstalled does not fire when called from a script loaded in a background page. Signed-off-by: jahoti <jahoti@tilde.team>
2021-06-19add import/export functionalityWojtek Kosior
2021-06-18when possible inject CSP as http(s) header using webRequest instead of ↵Wojtek Kosior
adding a <meta> tag
2021-05-14react to few bugsWojtek Kosior
2021-05-14support wildcard urls in settingsWojtek Kosior
2021-05-13make extension work under IceCat 60Wojtek Kosior
2021-05-13utilize CSP for blockingWojtek Kosior
2021-05-13only allow a single injection payload for page, rely on script bags for ↵Wojtek Kosior
complex payloads
2021-05-12rename "bundles" to "bags"Wojtek Kosior
2021-05-12use unique hashes when smuggling whitelist settingWojtek Kosior
2021-05-12stop using js modulesWojtek Kosior
2021-05-12remove remnants of LibreJSWojtek Kosior
2021-05-10initial commitWojtek Kosior