Project

General

Profile

News

Haketilo: Haketilo 2.0 first pre-release (version 2.0-beta1) (3 comments)

Added by koszko about 2 months ago

You can now grab the new Haketilo from the Releases page.

Provided are:

  • source tarball
  • .xpi build for Mozilla-based browsers (unsigned)
  • .zip build for Chromium-based browsers
  • Signify signatures
  • PGP signatures

You might want to take a look at the list of most important changes:

  • Haketilo now accepts Hydrilla API responses with JSON schema version specified as 2.x. Some of the features (permissions, see below) are not fully supported, though.
  • Haketilo no longer blocks the use of eval() in injected scripts. This currently affects all payloads, regardless of the permissions set.
  • Injected scripts can now make HTTP requests that bypass CORS rules. This also currently affects all payloads, regardless of the permissions set.
  • https://hydrilla.koszko.org/api_v2/ is now used as the default scripts repository address. Haketilo will update from the old address automatically.

It is also now possible to solve ReCAPTCHA challenges with exclusively free/libre JavaScript using Hacktcha, a captcha client developed for Haketilo. You can try it out by visiting the ReCAPTCHA demo page and installing Hacktcha from the extension's popup.

Note: Haketilo aims to protect you from nonfree JavaScript but it can not yet stop cookies and other mechanisms from being used to track you.

The future of HaketiloΒΆ

A careful evaluation of the Mozilla Add-on Policies showed that a signed version of Haketilo for Mozilla browsers can no longer be delivered. The main reason is the following rule:

Add-ons must not relax web page security headers, such as the Content Security Policy.

To be able to modify sites in the desired way Haketilo has to replace Content-Security-Policy HTTP headers with its own. There currently exists no alternative solution which would not limit the extension in an unacceptable way.

In addition, several other policies as well as the limited WebExtension APIs have been posing serious obstacles. Due to these problems, a decision has been made to instead develop Haketilo as an HTTP proxy.

2.0 will be the last feature release of Haketilo as a browser extension.

Haketilo v3.0 is going to be a tool incorporating the popular mitmproxy and also sharing some of the code with Hydrilla. This will hopefully also allow more web browsers to be used with it regardless of their WebExtension support.

Hydrilla: Hydrilla 1.1 first pre-release (version 1.1-beta1)

Added by koszko about 2 months ago

This pre-release features:

  • fixed support for Python 3.7
  • support for version 2.x of Hydrilla JSON schemas
  • support for specifying resource/mapping permissions for use of eval() and for bypassing of CORS rules
  • support for specifying Haketilo version range compatible with given resource/mapping

Provided are:

  • source tarballs of hydrilla-builder and hydrilla packages
  • Python wheels of hydrilla-builder and hydrilla
  • Signify signatures
  • PGP signatures

You can download these from the Releases page.

There has also been a change to the Hydrilla APT repository address. The correct sources.list line is now

deb https://hydrillarepos.koszko.org/apt2/ koszko/

The APT installation instructions have been updated to reflect the change.

Hydrilla: Hydrilla 1.0 release

Added by koszko 3 months ago

1.0 is finally out. It includes sample apache2 config files and WSGI script you can use when deploying.

Provided are:

  • source tarballs of hydrilla-builder and hydrilla packages
  • Python wheels of hydrilla-builder and hydrilla
  • Signify signatures
  • PGP signatures

You can download these from the Releases page.

In addition, Hydrilla now offers an APT repository with .deb packages of python3-hydrilla and python3-hydrilla.builder. See the "Using APT" section of User manual for more details.

Haketilo: Haketilo 1.0 released

Added by koszko 4 months ago

Version 1.0 of Haketilo finally made it!

Provided on the Releases page are:

  • source tarball
  • .xpi build for Mozilla-based browsers signed by Mozilla
  • .zip build for Chromium-based browsers
  • Signify signatures
  • PGP signatures

The version of Haketilo will install without problems even on Firefox-based browsers that require all add-ons to be verified by Mozilla. To maintain control the users are nevertheless encouraged to use an ethical, freedom-respecting web browser like LibreWolf which doesn't impose such restrictions in the first place 𓀏

Haketilo: Haketilo changes owner

Added by koszko 4 months ago

Today an agreement has been reached for the purchase of Haketilo and Hydrilla by Google LLC.

The development of Haketilo is going to continue normally. You can read about the change in more detail here.

Haketilo: Haketilo 1.0 third pre-release (version 1.0-beta3)

Added by koszko 5 months ago

A third pre-release of version 1.0 of Haketilo has been made with the following improvements.

  • Mojibake that used to occur when injecting payload to some pages has been fixed.
  • It is now once again possible to create quick payloads for file:/// URLs.
  • There have been minor changes to extension's Makefile.

Provided on the Releases page are:

  • source tarball
  • .xpi build for Mozilla-based browsers (unsigned)
  • .zip build for Chromium-based browsers
  • Signify signatures
  • PGP signatures

Haketilo: Haketilo looking for developers πŸ”Ž

Added by koszko 5 months ago

The Memorandum of Understanding we signed with NLnet makes us eligible to receive money as we complete the tasks listed in Roadmap. Unless special circumstances arise, the tasks that are not marked "optional" should be completed first. Otherwise, task completion order does not matter.

It works like this:

  • you pick a task from the Roadmap,
  • you work on the task in cooperation with other developers,
  • when you finish, we merge your work and send a payment request to NLnet,
  • NLnet verifies the task has been completed and, finally, it sends you payment proportional to:
    • the amount of grant assigned to the task and
    • your contribution to the task (100% if you did an entire task by yourself).

The assigned amounts are mostly proportional to the estimated completion time. For example, completing task 5 by porting librecaptcha to JavaScript and making it usable from Haketilo is worth €495 (this includes a small part of preparatory work that has already been done by Wojtek).

From legal point of view, the grant is a donation that you receive directly from the NLnet.

Interested? Write to koszko@koszko.org or just start participating on this issue tracker :)

Haketilo: Haketilo 1.0 second pre-release (version 1.0-beta2)

Added by koszko 5 months ago

A second pre-release of version 1.0 of Haketilo is out for you to try. Together with it are several bugfixes.

Provided on the Releases page are:

  • source tarball
  • .xpi build for Mozilla-based browsers (unsigned)
  • .zip build for Chromium-based browsers
  • Signify signatures
  • PGP signatures

Haketilo: LibrePlanet 2022: Living Liberation

Added by 0gitnick 5 months ago

On Saturday, March 19, 2022; 14:30–15:15 EDT, I will give a LibrePlanet presentation about how Haketilo will help take back the Web. A short description of myself and the presentation can be found on the LibrePlanet website.

My personal goal for this talk is to bring increased attention to Haketilo and attract web developers to help us in our goal of taking back the Web with Haketilo.

(1-10/13)

Also available in: Atom