dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
7716
share rss forum feed


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

Re: [FireFox] NoScript [DEV BUILDs] Releases

NoScript v 2.3.6rc4 Dev Build Released
• Restored Nightly compatibility, broken by bug 719154

Get it! »noscript.net/getit



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

NoScript v 2.3.7rc1 Dev Build Released
• [XSS] Enhanced InjectionChecker tolerance to certain URL patterns containing domain-names as
parameter values (thanks gazer75 for report)

Get it! »noscript.net/getit



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21

1 recommendation

reply to hayc59

NoScript v 2.3.7rc2 Dev Build Released
• [ClearClick] Compatibility with Bitdefender TrafficLight (thanks Christopher A. M. Gerlach for reporting)

Get it! »noscript.net/getit



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

NoScript v 2.3.7rc3 Dev Build Released
• [ClearClick] Work-around for "rapid fire" protection interfering with some add-ons, ssuch as
1Password (thanks Mike Tselikman for report)

Get it! »noscript.net/getit



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

NoScript v 2.3.7rc4 Dev Build Released
• [ClearClick] Further "rapid fire" protection sensitivity tweaking

Get it! »noscript.net/getit



Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6
Reviews:
·Verizon Online DSL
·Time Warner Cable

1 recommendation

reply to hayc59

Noscript v 2.3.7rc5 Dev Build Released

==============================================

x [ClearClick] Further refinements in TrafficLight compatibility and
"rapid fire" sensitvity

==============================================

Get it: »noscript.net/getit
--
"We're your friends. We're not like the others, man, really."



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

NoScript v 2.3.8rc1 Dev Build Released
• Smart integration with the new browser-native click to play: if a plugin object is manually allowed from NoScript's UI,
it gets also natively activated (noscript.smartClickToPlay about:config preference)
• Improved active content identity tracking, to
avoidredundant blocking steps across reloads

Get it! »noscript.net/getit

--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v 2.4.2rc1 Released
• [XSS] Fixed false positive regression on some file hosting sites (thanksJanne Maekelae for reporting)
Get it!
»noscript.net/getit



Gone Fishing
Premium
join:2001-06-29

4 edits

1 recommendation

NoScript v 2.4.2rc2 Dev Build Released

Recent development history:

v 2.4.2rc2
===========================================

Fixed first application updates check failing on Nightly (bug 754393)

...

Download NoScript v2.4.2rc2 @ »noscript.net/getit
--
non nova, sed nove
primum non nocere



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

Re: [FireFox] NoScript [DEV BUILDs] Releases

v 2.4.2rc3 Released
• [XSS] Protection against HPP attacks exploiting URL parsing quirks specific to ASP Classic (thans Soroush Dalili for reporting)

Get it!
»noscript.net/getit



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v 2.4.2rc4 Released
• x [XSS] Fixed regression blocking any suspect HPP attack silently (thanks Soroush Dalili for reporting)

Get it!
»noscript.net/getit



chachazz
Premium
join:2003-12-14
kudos:9
Reviews:
·TELUS
reply to hayc59

via auto update...




chachazz
Premium
join:2003-12-14
kudos:9
Reviews:
·TELUS
reply to hayc59

via auto update...




hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v 2.4.2rc5 Released
• Fixed recursion bug preventing ASP-specific unicode encodings from
being correctly handled in presence of simultaneous HPP (thanks Soroush Dalili for reporting)
v 2.4.2rc6 Released
• Fixed query string parsing bug in the new ASP-specific HPP protection (thanksSoroush Dalili for reporting)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v2.4.2rc7 Released

• [ABE] IPv6 link-local addresses (fe80:/10) are not considered belonging to the LAN anymore for the purpose of cross-zone request forgery checks in order to safely work-around DNS misconfiguration issues in the wild (thanks siu and ralf for reporting)
• [ABE] Fixed router WEB UI fingerprinting failing on some devices because of redirection loops

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6
Reviews:
·Verizon Online DSL
·Time Warner Cable

1 recommendation

reply to hayc59

Noscript v 2.4.3rc1 dev build
================================================
+ The noscript.allowedMimeRegExp preference now applies also to Java, Flash and Silverlight mime types
================================================

You will have to read a little bit but here is more info on what this pref. does.

Get it: »noscript.net/getit
--
"We're your friends. We're not like the others, man, really."



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v2.4.3rc2 Released

• Better detection of free inline script injections (without string literal evasion) inside function calls

Get it!
»noscript.net/getit



chachazz
Premium
join:2003-12-14
kudos:9
Reviews:
·TELUS
reply to hayc59

NoScript 2.4.3rc3 Dev




















Get it: »www.noscript.net/getit


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v2.4.3rc3 Released
• Fixed JS links detection not resolving JS string escapes (thanks vyznev for reporting)
•Fixed HTML 5 parser detection in META refresh processing being broken by a removed browser preference
•Fixed exception raised by inclusion type checks when parent document's URI has no host

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v2.4.4rc1 Released
• Fixed regression from 2.4.3rc3 causing same-site stylesheets to be checked for mime type mismatches and XSLT inclusions to be incorrectly blocked (thanks hanfi for reporting)

Get it!
»noscript.net/getit



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v2.4.4rc2 Released
• [Locale] Updated he-IL (thanks baryoni)
• Fixed early synthetic DNS notification causing blank stripe on the bottom of the first browser window if started maximized or fullscreen
• Removed Firefox 2.x compatibility code

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21

1 recommendation

reply to hayc59

v 2.4.5rc2 Released
• [XSS] Improved E4X compatibility (thanks Masato Kinugawa for report)

v 2.4.5rc1
• [XSS] Improved "Maybe JS" heuristic (thanks Masato Kinugawa for report)
• [XSS] More aggressive obsolete charsets filtering (thanks Masato Kinugawa for report)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v 2.4.5rc3 Released
• [XSS] More regular expression objects caching as a speed optimization
• [XSS] Removed optimization shortcut causing false negatives on some kind of concatenated assignments (thanks Masato Kinugawa for report)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v 2.4.5rc4 Released
• [XSS] Further "Maybe JS" heuristic refinement (thanks Masato Kinugawa for report)
• [XSS] Improved data: URIs detection (thanks Masato Kinugawa for report)

Get it!
»noscript.net/getit



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v 2.4.5rc6 Released
• [XSS] Improved unconventional assignments detection (thanks Masato Kinugawa for report)
v 2.4.5rc5
• [XSS] Work-around for Gecko ignoring spaces inside data: URIs (thanks Masato Kinugawa for report)
• [Locale] Corrected he-IL merge (thanks baryoni)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v2.4.7rc1 Released
• [XSS] Fixed false positive with some Base64-encoded Yahoo News subrequests
• Fixed regression, noscript.allowedMimeRegExp not working anymore for plugins other than Java, Flash and Silverlight
• Auto-anchored multi-valued regexp preferences can now be separated by regular spaces rather than just newlines
(this behavior was documented but not actually implemented for noscript.allowedMimeRegExp)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v 2.4.7rc3
• [ClearClick] Fixed regression: caret cursor not shown on text content
(thanks Fanolian for reporting)
v 2.4.7rc2
• [ClearClick] Fixed Tumblr widgets false positive (thanks @Raydere for report)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v 2.4.8rc1

Fixed feed: and pcast: URLs not being unwrapped in some checks
(thanks Alex Inführ for reporting)
Removed assumptions of a body element from some code paths which may
handle generic XML documents

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

v 2.4.9rc1
• [XSS] Protection against error-based SQLI with a XSS payload
(thanks Ashar Javed for reporting, original disclosure by Keith Makan)

Get it!
»noscript.net/getit



Gone Fishing
Premium
join:2001-06-29

2 recommendations

reply to hayc59

V. 2.5rc1 - Your Ultimate Browser Armor

2.5rc1
========================================
x Fixed interaction with built-in Firefox's click-to-play causing
infinite object activation loop (thanks al_9x for reporting)

»noscript.net/getit
--
non nova, sed nove
primum non nocere