| Age | Commit message (Expand) | Author |
|---|---|---|
| 2022-08-24 | remove unneeded import in policy_enforcing.js | Wojtek Kosior |
| 2022-08-24 | force <noscript> tags | Wojtek Kosior |
| 2022-06-20 | prevent injected scripts from executing out of orderv2.0-beta1 | Wojtek Kosior |
| 2022-03-28 | add more tests for CORS bypassing feature | Wojtek Kosior |
| 2022-03-26 | allow injected scripts to bypass CORS using provided API | Wojtek Kosior |
| 2022-03-24 | prepare for exposing APIs to injected scripts | Wojtek Kosior |
| 2022-03-24 | serialize and deserialize entire Response object when relaying fetch() calls ... | Wojtek Kosior |
| 2022-03-10 | improvement to also properly sanitize intrinsics in XML documents under older... | Wojtek Kosior |
| 2022-03-05 | improve script blocking in non-HTML documents (XML) | Wojtek Kosior |
| 2022-03-04 | fix setting of 'blocked-blocked<...>-<name>' attributes and add tests | Wojtek Kosior |
| 2022-03-04 | for () loop styling | Wojtek Kosior |
| 2022-03-04 | fix setting of 'blocked-<name>' attributes when blocking intrinsic event hand... | Wojtek Kosior |
| 2022-03-04 | prepend all generated console messages with 'Haketilo:' | Wojtek Kosior |
| 2022-03-04 | fix comment typo | Wojtek Kosior |
| 2022-02-21 | inject scripts to pages utilizing blob: URLs | Wojtek Kosior |
| 2022-02-14 | restore chromium support | Wojtek Kosior |
| 2022-02-02 | support Parabola's Iceweasel in tests | Wojtek Kosior |
| 2022-01-29 | make Haketilo buildable again (for Mozilla)...How cool it is to throw away 5755 lines of code... | Wojtek Kosior |
| 2022-01-27 | add actual payload injection functionality to new content script | Wojtek Kosior |
| 2022-01-26 | add new root content script | Wojtek Kosior |
| 2022-01-18 | facilitate caching repository responses in content scripts | Wojtek Kosior |
| 2022-01-17 | test script blocking with and without the CSP-based approach on | Wojtek Kosior |
| 2022-01-17 | move policy enforcing code to a new file, include basic test | Wojtek Kosior |
| 2022-01-04 | fix license promise typo | Wojtek Kosior |
| 2021-12-31 | utilize Pattern Tree to decide the policy to use and modify HTTP response hea......This commit also enhances the build script so that preprocessor conditionals can now use operators '&&' and '||'. The features being developed are not yet included in the actual Haketilo build. Some of the new source files contain similar functionality to other ones already existing in the source tree. At some point the latter will be removed. | Wojtek Kosior |
| 2021-12-22 | reworked build system; added missing license notices | Wojtek Kosior |
| 2021-12-03 | merge `master` (license notices) and `koszko` (v1.0 development) | Wojtek Kosior |
| 2021-11-20 | replace cookies with synchronous XmlHttpRequest as policy smuggling method....Note: this breaks Mozilla port of Haketilo. Synchronous XmlHttpRequest doesn't work as well there. This will be fixed with dynamically-registered content scripts later. | Wojtek Kosior |
| 2021-10-30 | Fix license notices on JS and SH files...Other files have been left, as no model notice is available | jahoti |
| 2021-09-13 | rename the extension to "Haketilo" | Wojtek Kosior |
| 2021-09-10 | disable service workers when scripts are blocked | Wojtek Kosior |
| 2021-09-09 | restore compatibility with IceCat 60 | Wojtek Kosior |
| 2021-09-09 | simplify CSP handling...All page's CSP rules are now removed when a payload is to be injected. When there is no payload, CSP rules are not modified but only supplemented with Hachette's own. | Wojtek Kosior |
| 2021-09-08 | Fix sanitizing of non-HTML XMLDocument's | Wojtek Kosior |
| 2021-09-06 | re-enable sanitizing of data: URLs and also sanitize intrinsics on non-HTML p... | Wojtek Kosior |
| 2021-09-04 | fix script blocking bug under Chromium | Wojtek Kosior |
| 2021-09-04 | merge changes before version 0.1 | Wojtek Kosior |
| 2021-09-03 | disable payload injection on non-html pages | Wojtek Kosior |
| 2021-09-02 | implement rethinked <meta> tags sanitizing approach...This has not been tested yet. Additionally, functionality for blocking of `data:' urls needs to be re-enabled. | Wojtek Kosior |
| 2021-09-02 | enable toggling of global script blocking policy\n\nThis commit also introduc... | Wojtek Kosior |
| 2021-08-27 | add support for `ftp://' protocol | Wojtek Kosior |
| 2021-08-27 | enable whitelisting of `file://' protocol\n\nThis commit additionally also ch... | Wojtek Kosior |
| 2021-08-26 | improve signing\n\nSignature timestamp is now handled in a saner way. Sha256 ... | Wojtek Kosior |
| 2021-08-23 | use StreamFilter under Mozilla to prevent csp <meta> tags from blocking our i... | Wojtek Kosior |
| 2021-08-20 | sanitize `<meta>' tags containing CSP rules under Chromium...This commit adds a mechanism of hijacking document when it loads and injecting sanitized nodes to the DOM from the level of content script. | Wojtek Kosior |
| 2021-08-18 | remove unneeded policy-related cosole messages; restore IceCat 60 compatibility | Wojtek Kosior |
| 2021-08-18 | implement smuggling via cookies instead of URL | Wojtek Kosior |
| 2021-08-14 | merge facility to install from Hydrilla | Wojtek Kosior |
| 2021-08-14 | Revert changes to content/main.js to commit 25817b68c*...It turns out modifying the CSP headers in meta tags has no effect. | jahoti |
| 2021-08-06 | Facilitate installation of scripts from the repository...This commit includes: * removal of page_info_server * running of storage client in popup context * extraction of some common CSS to a separate file * extraction of scripts import view to a separate file * addition of a facility to conveniently clone complex structures from DOM (in DOM_helpers.js) * addition of hydrilla repo url to default settings * other minor changes and of course changes related to the actual installation of scripts from the repo | Wojtek Kosior |
 |
index : browser-extension | |
| A Web Extension to facilitate replacing sites' js with user-supplied scripts |
| aboutsummaryrefslogtreecommitdiff |