Project

General

Profile

Activity

From 07/23/2021 to 08/21/2021

08/20/2021

12:57 PM Revision d09b7ee1 (haketilo): sanitize `<meta>' tags containing CSP rules under Chromium
This commit adds a mechanism of hijacking document when it loads and injecting sanitized nodes to the DOM from the le... koszko

08/18/2021

08:54 PM Revision 3d0efa15 (haketilo): remove unneeded policy-related cosole messages; restore IceCat 60 compatibility
koszko
05:53 PM Revision 014f2a2f (haketilo): implement smuggling via cookies instead of URL
koszko
05:51 PM Revision 0bbda8fc (haketilo): enhance our bundler to protect top-level `this' from accidental clobbering
koszko

08/17/2021

02:00 AM Revision 9e280d45 (haketilo): Begin work on a Hydrilla-compatible virtual website for testing
The file test/gorilla.py will help with testing respositories.
It also provides a CLI Hydrilla > Hachette fix converter.
jahoti
02:00 AM Revision e9b7f4d7 (haketilo): Enable the hijacking proxy in the test suite to serve responses
jahoti
02:00 AM Revision 5b7c9edb (haketilo): Merge remote-tracking branch 'origin/master' into jahoti
jahoti

08/14/2021

10:07 AM Revision 443bc095 (haketilo): merge facility to install from Hydrilla
koszko
09:54 AM Revision ae1844f9 (haketilo): merge csp-PoC
koszko
02:00 AM Revision 6fda8ea5 (haketilo): Revert changes to content/main.js to commit 25817b68c*
It turns out modifying the CSP headers in meta tags has no effect. jahoti

08/10/2021

08:18 PM Revision 2fbab2f0 (haketilo): change default repository URL
koszko

08/06/2021

05:17 PM Revision 792fbe18 (haketilo): Facilitate installation of scripts from the repository
This commit includes:
* removal of page_info_server
* running of storage client in popup context
* extraction of some...
koszko
02:00 AM Revision 7796e554 (haketilo): Add the beginnings of a test suite
jahoti

08/05/2021

08:44 PM Revision 90896bcf (haketilo): enable modularization of html files
koszko

08/04/2021

10:01 PM Revision 5957fbee (haketilo): make settings_query.js use storage object passed as an argument
koszko

08/02/2021

02:00 AM Revision 5b419aed (haketilo): [UNTESTED- will test] Add filtering for http-equiv CSP headers
jahoti

07/28/2021

02:00 AM Revision 25817b68 (haketilo): Rationalize CSP violation report blocking.
Report blocking now applies iff scripts are blocked. jahoti

07/27/2021

11:41 AM Revision 2fa41a54 (haketilo): validate settings on import
koszko

07/26/2021

01:37 PM Revision 64afd5b9 (haketilo): provide a facility to sanitize externally-obtained JSON
koszko
12:10 PM Revision 5fcc9808 (haketilo): code maintenance
koszko
11:09 AM Revision 97b8e30f (haketilo): Squash more CSP-filtering bugs
On Firefox, original CSP headers are now smuggled (signed) in an x-orig-csp
header to prevent re-processing issues wi...
jahoti
11:09 AM Revision e402e036 (haketilo): Fix some bugs in the refined CSP handling
jahoti
11:09 AM Revision fba4820b (haketilo): [UNTESTED- will test] Use more nuanced CSP filtering
CSP headers are now parsed and processed, rather than treated as simple
units. This allows us to ensure policies deli...
jahoti
11:09 AM Revision 57e4ed2b (haketilo): Remove unnecessary imports of url_item and add a CSP header-parsing function
The parsing function isn't used yet; however, it will eventually be as a less
destructive alternative to handling hea...
jahoti

07/25/2021

02:00 AM Revision 24ad876c (haketilo): Squash more CSP-filtering bugs
On Firefox, original CSP headers are now smuggled (signed) in an x-orig-csp
header to prevent re-processing issues wi...
jahoti

07/23/2021

05:32 PM Revision d42dadca (haketilo): extract observables implementation from storage.js
koszko
 

Also available in: Atom