Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-07-12 | Stop using the nonce consistently for a URL | jahoti | |
Nonces are now randomly generated, either in the page (for non-HTTP(S) pages) or by a background module which stores them by tab and frame IDs. In order to support the increased variance in nonce-generating methods and allow them to be loaded from the background, handle_page_actions is now invoked separately according to (non-)blocking mechanism. | |||
2021-06-30 | emply an sh-based build system; make some changes to blocking | Wojtek Kosior | |
2021-06-28 | License script-blocking techniques from NoScript in machine-readable format. | jahoti | |
In-page blocking now works on Firefox, and JavaScript/data- URLs are properly blocked to ensure no JavaScript leaks in through backdoors. Blocking of HTML/XML data: urls should be refined (eventually) to align with current practice for pages in general. Also, script-blocking is now filtered by nonce, making it possible (albeit perhaps not desirable) to inject scripts before the DOM is complete. | |||
2021-06-26 | remove mnetion of LGPL from javascript exception to the GPL | Wojtek Kosior | |
2021-06-25 | make it clear "A" license contains text from BSD license with its own copyright | Wojtek Kosior | |
2021-06-25 | gather all copyright info in 'copyright' file | Wojtek Kosior | |