dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
7733
share rss forum feed


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

Re: [FireFox] NoScript [DEV BUILDs] Releases

v2.4.4rc2 Released
• [Locale] Updated he-IL (thanks baryoni)
• Fixed early synthetic DNS notification causing blank stripe on the bottom of the first browser window if started maximized or fullscreen
• Removed Firefox 2.x compatibility code

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21

1 recommendation

reply to hayc59
v 2.4.5rc2 Released
• [XSS] Improved E4X compatibility (thanks Masato Kinugawa for report)

v 2.4.5rc1
• [XSS] Improved "Maybe JS" heuristic (thanks Masato Kinugawa for report)
• [XSS] More aggressive obsolete charsets filtering (thanks Masato Kinugawa for report)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59
v 2.4.5rc3 Released
• [XSS] More regular expression objects caching as a speed optimization
• [XSS] Removed optimization shortcut causing false negatives on some kind of concatenated assignments (thanks Masato Kinugawa for report)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59
v 2.4.5rc4 Released
• [XSS] Further "Maybe JS" heuristic refinement (thanks Masato Kinugawa for report)
• [XSS] Improved data: URIs detection (thanks Masato Kinugawa for report)

Get it!
»noscript.net/getit


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59
v 2.4.5rc6 Released
• [XSS] Improved unconventional assignments detection (thanks Masato Kinugawa for report)
v 2.4.5rc5
• [XSS] Work-around for Gecko ignoring spaces inside data: URIs (thanks Masato Kinugawa for report)
• [Locale] Corrected he-IL merge (thanks baryoni)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59
v2.4.7rc1 Released
• [XSS] Fixed false positive with some Base64-encoded Yahoo News subrequests
• Fixed regression, noscript.allowedMimeRegExp not working anymore for plugins other than Java, Flash and Silverlight
• Auto-anchored multi-valued regexp preferences can now be separated by regular spaces rather than just newlines
(this behavior was documented but not actually implemented for noscript.allowedMimeRegExp)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59
v 2.4.7rc3
• [ClearClick] Fixed regression: caret cursor not shown on text content
(thanks Fanolian for reporting)
v 2.4.7rc2
• [ClearClick] Fixed Tumblr widgets false positive (thanks @Raydere for report)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59
v 2.4.8rc1

Fixed feed: and pcast: URLs not being unwrapped in some checks
(thanks Alex Inführ for reporting)
Removed assumptions of a body element from some code paths which may
handle generic XML documents

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59
v 2.4.9rc1
• [XSS] Protection against error-based SQLI with a XSS payload
(thanks Ashar Javed for reporting, original disclosure by Keith Makan)

Get it!
»noscript.net/getit


Gone Fishing
Premium
join:2001-06-29

2 recommendations

reply to hayc59

V. 2.5rc1 - Your Ultimate Browser Armor

2.5rc1
========================================
x Fixed interaction with built-in Firefox's click-to-play causing
infinite object activation loop (thanks al_9x for reporting)

»noscript.net/getit
--
non nova, sed nove
primum non nocere


Gone Fishing
Premium
join:2001-06-29

1 recommendation

reply to hayc59

Re: [FireFox] NoScript [DEV BUILDs] Releases

2.5rc2
========================================
x Work-around for additional browser tools placed on the bottom of the
content messing with NoScript's notification height (thanks ochristi
for report)
x Fixed placeholders for absolutely positioned elements may cause layout
glitches (thanks al_9x for reporting)
...

»noscript.net/getit
--
non nova, sed nove
primum non nocere


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21

1 edit

1 recommendation

reply to hayc59
v2.5rc3

• [XSS] Improved XML handling algorithm preserves E4X detection accuracy while removing false positives, e.g. against OAUTH payloads
• [XSS] Added exception for self-injecting yahoo.com/yimg.com frames (can be disabled by setting the noscript.filterXExceptions.yahoo about:config preference to false)

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)


Gone Fishing
Premium
join:2001-06-29

2 edits

1 recommendation

reply to hayc59

v 2.5rc6

v 2.5rc6
=========================================
+ [XSS] Further reduction in false positives triggered by XML payloads

v 2.5rc5
=========================================
x Further hack to remove the height attribute automatically set on the
notification stack by browser tools (thanks therube for reporting)

v 2.5rc4
=========================================
x Hack to automatically restore the notification bar position as the last
of its sibling DOM nodes, as a better work-around for browser tools
messing with its height
- Removed ineffective CSS-based work-around for the browser tools
splitter messing with NoScript notification's height

»noscript.net/getit


Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6

2 recommendations

Thanks.


Gone Fishing
Premium
join:2001-06-29

1 recommendation

reply to Gone Fishing

v 2.5.1rc1

v 2.5.1rc1
=================================
x Work-around for hp-ww.com misconfiguration
(JavaScript files served with bogus content-type header)

»noscript.net/getit
--
non nova, sed nove
primum non nocere


Gone Fishing
Premium
join:2001-06-29

1 recommendation

reply to hayc59

v 2.5.2rc1

v 2.5.2rc1
========================================
x Fine tuned floating div (in-page popup) removal by locking it to the
nearest positioned ancestor and swallowing the mouseup event if the
DEL key has been hit after last mousedown

»noscript.net/getit
--
non nova, sed nove
primum non nocere


Gone Fishing
Premium
join:2001-06-29

2 edits

1 recommendation

reply to hayc59

v 2.5.3rc4

Recent development history:

v 2.5.3rc4
=========================================
x Fixed false positives on URL containing an ASP.NET cookieless session
identifier (thanks Trupti Chaudhari for reporting)

v 2.5.3rc3
=========================================
+ noscript.eraseFloatingElements about:config preference to switch the
mousedown + del key floating popup erasing feature off and on
x Limited the mousedown + del key floating popup erasing feature to pages
where scripts are forbidden and to absolute or fixed position elements

v 2.5.3rc2
=========================================
x Fixed JavaScript URL non-void expression evaluation in the URL bar causing scripts to get globally allowed (thanks al_9x for reporting)

v 2.5.3rc1
=========================================
x [XSS] Work-around for a Gecko URL parsing quirk (thanks .mario for reporting)

»noscript.net/getit
--
non nova, sed nove
primum non nocere


Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6

2 recommendations

Re: v 2.5.3rc3

Thanks.


Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6
Reviews:
·Verizon Online DSL
·Time Warner Cable
reply to hayc59

Re: [FireFox] NoScript [DEV BUILDs] Releases

Noscript v 2.5.3rc4 dev build available
===============================================

x Fixed false positives on URL containing an ASP.NET cookieless session identifier (thanks Trupti Chaudhari for reporting)

===============================================

Get it: »noscript.net/getit
--
"Paranoia, the destroyer"


Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6
Reviews:
·Verizon Online DSL
·Time Warner Cable

1 recommendation

reply to hayc59
Noscript v 2.5.4rc1 dev build available
===========================================
x Fixed placeholder sizes messed up by changes in Gecko 17

x Work-around for broken content policy call for Java plugin on Gecko 17 and above (thanks marty60 for reporting)
============================================

Get it:
»noscript.net/getit
--
"Paranoia, the destroyer"


hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59
GK..love that red!!


Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6

1 recommendation

Kind of highlights the name a bit.
--
"Paranoia, the destroyer"


Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6
Reviews:
·Verizon Online DSL
·Time Warner Cable

1 recommendation

reply to hayc59
[b]Noscript v 2.5.4rc2 dev build available
============================================

x Fixed meta-refresh emulation regression in Gecko 16 and below

============================================

Get it: »noscript.net/getit
--
"Paranoia, the destroyer"


Gone Fishing
Premium
join:2001-06-29
reply to hayc59

v 2.5.4rc3

v 2.5.4rc3
============================================

x Fixed HTTP checks not being skipped anymore for some chrome-generated XMLHttpRequest requests because of a Gecko 15 change

x Work-around for cloned DOM nodes not retaining additional
chrome-attached information anymore, thus breaking placeholders in some cases (thanks al_9x for reporting)

x Fixed placeholder post-enablement event channeling broken by Sandbox changes

Get it: »noscript.net/getit
--
non nova, sed nove
primum non nocere


Gone Fishing
Premium
join:2001-06-29

1 edit
reply to hayc59

NoScript 2.5.4 released



hayc59
Im Your Huckleberry
Premium
join:2001-02-26
David R.I.P.
kudos:21
reply to hayc59

Re: [FireFox] NoScript [DEV BUILDs] Releases

2.5.5rc2
• Cross-browser work-around for
»bugzilla.mozilla.org/show_bug.cgi?id=789773
v 2.5.5rc1
• More reliable Java applet origin identification
• Work-around for
»bugzilla.mozilla.org/show_bug.cgi?id=789773

Get it!
»noscript.net/getit
--
ãrê ¥Øu êxpêriêncêD
Microsoft® MVP Consumer Security
"Greater love has no one than this, that he lay down his life for his friends."
9/11/01 Never Forget
(H59 Clan)