Project

General

Profile

Activity

From 06/04/2021 to 07/03/2021

07/02/2021

11:08 PM Feature #14: test with more browser forks (Abrowser, newest Parabola IceWeasel, LibreWolf)
Perhaps. However, I also had hard time trying to find where the edit option is... Just in case - I am sending a scree... koszko
10:51 PM Feature #14: test with more browser forks (Abrowser, newest Parabola IceWeasel, LibreWolf)
It partly helped- I can see a lot more options than previously! There's still no way to edit the issue, however, whic... jahoti
11:36 AM Feature #14 (In Progress): test with more browser forks (Abrowser, newest Parabola IceWeasel, LibreWolf)
I added you to the project. Perhaps it will work now koszko
02:55 AM Feature #14: test with more browser forks (Abrowser, newest Parabola IceWeasel, LibreWolf)
I can't work out how to edit it in: Tor Browser 10.0.17 jahoti
09:34 PM Bug #39 (Closed): Redmine is unbelievably slow. do sth about it
koszko
09:06 AM Feature #45 (Rejected): Add a universal wildcard for URLs
Potentially something to consider carefully, as it is obviously open to misuse, a way to signal a script should run o... jahoti
03:22 AM Feature #44 (Closed): Load in default settings using the build system
Currently default settings are integrated into the source code, which makes it difficult to add or modify the built-i... jahoti
03:01 AM Feature #8: add some good, sane error handling
Also what happens when the hash of a remotely loaded script doesn't match what is set- some update mechanism perhaps? jahoti
02:21 AM Feature #40: Move documentation to wiki
There's no wiki to move documentation to yet (it seems you're the only one with the power to create one). jahoti
02:09 AM Feature #43 (Rejected): Replace common/sha256.js with crypto.subtle
All supported browsers provide built-in support for hashing and other cryptographic methods through built-in APIs. Th... jahoti
02:02 AM Bug #42 (Rejected): Nonce not set on injected scripts
**Update: rejected as this the expected behaviour, and is present at least as far back as commit 86ad1c6e0cf8a9ec3a52... jahoti

07/01/2021

08:01 PM Feature #9 (In Progress): make page settings easily and conveniently editable in popup
koszko
12:10 PM Feature #9 (Rejected): make page settings easily and conveniently editable in popup
koszko
06:15 PM Feature #40 (Closed): Move documentation to wiki
Documentation is currently on https://koszko.org/browser-extension-doc.html and https://git.koszko.org/browser-extens... koszko
04:52 PM Bug #39: Redmine is unbelievably slow. do sth about it
Seems to have been due to matrix-synapse I left running on the VPS eating all the RAM and swap... Let's let redmine o... koszko
04:50 PM Bug #39 (In Progress): Redmine is unbelievably slow. do sth about it
koszko
04:50 PM Bug #39 (Feedback): Redmine is unbelievably slow. do sth about it
koszko
04:07 PM Bug #39 (Closed): Redmine is unbelievably slow. do sth about it
koszko
01:52 PM Feature #38 (Rejected): Add support to also inject css files to pages
koszko
01:51 PM Feature #37 (Closed): prepare some website fixes usable with this extension
Hachette's goal (not the only one) is to enable fixing of nonfree-js-encumbered sites and sharing the fixes. However,... koszko
01:11 PM Feature #36 (Closed): prepare application for NLnet fund
Current efforts are on [[NLNet_application_for_UOI_Call_August_2021]]. koszko
01:07 PM Feature #34 (Closed): improve CSP injection blocking
There are some possible pathological cases like `<script>` before `<head>`. We should make sure CSP `<meta>` tag we i... koszko
01:05 PM Feature #33 (Rejected): Add more possibilities of page URL matching
Also support patterns for matching URLs by explicit ports, query parameters and maybe even POST request parameters. koszko
01:02 PM Feature #32 (Rejected): Process HTML files in data: URLs instead of just blocking them
Content scripts are said not to get loaded to pages opened from data: URLs. We're currently blocking data: page links... koszko
12:58 PM Feature #31 (Closed): add an option to disable script blocking globally
Some people might be less interested in swfreedom and more in potential features offered by our platform. koszko
12:57 PM Feature #30 (Closed): Rename the extension and find some good icon 🪓
In addition to the extension itself, the documentation (https://hachettebugs.koszko.org/projects/hachette/wiki) will ... koszko
12:55 PM Feature #29 (Closed): validate settings data on import
Settings data is imported and exported as json. Invalid JSON schema can currently cause import operation to throw an ... koszko
12:54 PM Feature #28 (Closed): split options_main.js into several smaller files
This file is betting bigger and bigger... koszko
12:53 PM Feature #27 (Rejected): make extension's all html files proper XHTML
koszko
12:53 PM Feature #26 (Closed): besides blocking scripts through csp, also block connections that needlessly fetch those scripts
koszko
12:52 PM Feature #25 (Closed): stop always using the same script nonce on given https(s) site
Other protocols are of no interest since they're not supported by WebRequest API. For HTTP(s), we could make things m... koszko
12:48 PM Feature #24 (Closed): validate data entered in settings
Right now it is possible to add a bag to itself and do other weird things... koszko
12:48 PM Feature #23 (Closed): also implement support for whitelisting of non-https urls
The method of policy smuggling through URL is already defined. What is needed is to perform a reload to a URL contain... koszko
12:45 PM Feature #22 (Closed): supplement the build script with a makefile, also produce zipped artifacts
Right now building is performed with `build.sh mozilla` or `build.sh chromium`. These produce directories with built ... koszko
12:42 PM Feature #21 (Rejected): rearrange files in extension
Currently, scripts are split between _background_, _content_, _common_ and _html_ directories. The idea was to arrang... koszko
12:39 PM Feature #20 (Rejected): block prefetch
Page can tell the browser to prefetch certain resources (such as scripts) even before they are used. If a script is n... koszko
12:37 PM Feature #19 (Rejected): check if prerendering has to be blocked
Modern "Web" added feature to allow page to specify other pages to be prerendered before they are opened in the brows... koszko
12:33 PM Feature #18 (Rejected): make it possible to inject scripts to arbitrary places in DOM
This might turn out not to be needed. Practice will show. For now - scripts are being injected at the end of <body> a... koszko
12:32 PM Feature #17 (Closed): enable the extension to automatically fetch script substitutes from the repo
Of course, we need the repo itself first. koszko
12:31 PM Feature #16 (Closed): create a repository to host scripts
This is a broad topic and will ultimately be a separate project on this tracker.
koszko
12:30 PM Feature #15 (Closed): make sure page's own csp in <head> doesn't block our scripts
Currently we inject scripts by creating a <script> tag and adding it at the end of <body>. We remove page's own csp H... koszko
12:28 PM Feature #14 (Rejected): test with more browser forks (Abrowser, newest Parabola IceWeasel, LibreWolf)
Currently used are:
by koszko:
* IceCat 60 (+ selenium)
* Ungoogled Chromium 90
* Parabola Iceweasel 75 (+ sele...
koszko
12:26 PM Feature #13 (Closed): find some way not to require each chrome user to modify manifest.json
Smuggling page's policy setting to content scripts without use of asynchronous APIs like messages system doesn't seem... koszko
12:15 PM Feature #12 (Rejected): make script bag components re-orderable
Implement drag&drop functionality to re-order bag components in settings page. koszko
12:13 PM Feature #11 (Closed): add some nice styling to settings page
Edit _html/options.html_, maybe extract styles into a separate .css file. koszko
12:12 PM Feature #10 (Rejected): show iframes settings in popup
In popup make it possible to view both main frame page's settings and settings for pages that currently happen to liv... koszko
12:03 PM Feature #8 (Closed): add some good, sane error handling
Storage accesses might sometimes fail (for example due to all available storage space being used up) and we could inf... koszko
11:56 AM Feature #7 (New): [Roadmap 34][Milestone] find some convenient way to automatically re-add intrinsic javascript
We want to be able to save sites' scripts for local serving and editing and we want sites to work properly with such ... koszko
11:41 AM Feature #6 (New): [Roadmap 34] make it possible to automatically download page's served scripts and save them
Of course, running the same nonfree scripts but served locally would not be a significant improvement. This feature w... koszko
11:35 AM Feature #5 (Closed): optimize url querying
Scripts are injected to pages with URLs matching specified patterns, like _https://**.example.com/something/*_. Curre... koszko
11:25 AM Feature #4 (Rejected): make it possible to cache remote scripts
When a script to inject is not stored locally but rather referenced by a URL, it gets downloaded every time it is nee... koszko
10:50 AM Feature #3 (Rejected): make it possible to provide backup urls for remote scripts
When defining a script to inject to pages, it is possible to provide a URL to download it from instead of the actual ... koszko
10:41 AM Feature #2 (Rejected): allow specifying whether a script occurring mutiple times should be included multiple times or once
It extension's settings page it is possible to make "script bags" and add scripts to them. A bag can also be added to... koszko
10:27 AM Feature #1 (Rejected): parallelize fetching of remote scripts
Besides scripts keps in extension's storage, it is also possible to define an injectable script using URL from which ... koszko
 

Also available in: Atom