TODO: - parallelize fetching of remote scripts - allow specifying whether a script occurring mutiple times directly or indirectly in a bag should be included multiple times or once - make it possible to provide backup urls for remote scripts - make it possible to cache remote scripts - optimize url querying - make it possible to automatically download page's served scripts and save them (of course, this by itself -- CRUCIAL would give little benefit, but it will make it easy to modify this set of scripts - useful, if some of those scripts are already free, as is often the case) - also, find some convenient way to automatically re-add "on" events ("onclick" & friends) - add some good, sane error handling - get rid of those warnings and exceptions in console (many are not even related to this extension; who invented this thing?) (gecko-only) - make page settings easily and conveniently editable in popup -- CRUCIAL - in popup make it possible to edit both main frame page's settings and settings for pages that currently happen to live in iframes - add some nice styling to settings page - make script bag components re-orderable (via drag&drop in options page) -- CRUCIAL - find some way not to require each chrome user to modify manifest.json - test with more browser forks (Abrowser, Parabola IceWeasel, LibreWolf) - make sure page's own csp in
doesn't block our scripts - create a repository to host scripts - enable the extension to automatically fetch script substitutes from the repo - make it possible to inject scripts to arbitrary places in DOM - make script blocking code omit those scripts - check if prerendering has to be blocked -- CRUCIAL - block prefetch - rearrange files in extension - supplement the build script with a makefile, also produce zipped arifacts - perform never-ending refactoring of already-written code - also implement support for whitelisting of non-https urls - validate data entered in settings - stop always using the same script nonce on given https(s) site (this improvement seems to be unachievable in case of other protocols) - besides blocking scripts through csp, also block connections that needlessly fetch those scripts - make extension's all html files proper XHTML - split options_main.js into several smaller files - validate settings data on import - rename the extension to something good - find some good hatchet icon and rename the extension to "Hachette" (unless someone suggests another good name before we do so) - add an option to disable script blocking globally - Add support to settings_query for non-standard URLs (e.g. file:// and ftp://) - Process HTML files in data: URLs instead of just blocking them - improve CSP injection for pathological cases like