Activity - Haketilo - Hydrilla issue tracker

Activity

From 07/23/2021 to 08/21/2021

08/20/2021

12:57 PM Revision d09b7ee1 (haketilo): sanitize `<meta>' tags containing CSP rules under Chromium: This commit adds a mechanism of hijacking document when it loads and injecting sanitized nodes to the DOM from the le... koszko

08/18/2021

08:54 PM Revision 3d0efa15 (haketilo): remove unneeded policy-related cosole messages; restore IceCat 60 compatibility: koszko
05:53 PM Revision 014f2a2f (haketilo): implement smuggling via cookies instead of URL: koszko
05:51 PM Revision 0bbda8fc (haketilo): enhance our bundler to protect top-level `this' from accidental clobbering: koszko

08/17/2021

02:00 AM Revision 9e280d45 (haketilo): Begin work on a Hydrilla-compatible virtual website for testing: The file test/gorilla.py will help with testing respositories.
It also provides a CLI Hydrilla > Hachette fix converter. jahoti
02:00 AM Revision e9b7f4d7 (haketilo): Enable the hijacking proxy in the test suite to serve responses: jahoti
02:00 AM Revision 5b7c9edb (haketilo): Merge remote-tracking branch 'origin/master' into jahoti: jahoti

08/14/2021

10:07 AM Revision 443bc095 (haketilo): merge facility to install from Hydrilla: koszko
09:54 AM Revision ae1844f9 (haketilo): merge csp-PoC: koszko
02:00 AM Revision 6fda8ea5 (haketilo): Revert changes to content/main.js to commit 25817b68c*: It turns out modifying the CSP headers in meta tags has no effect. jahoti

08/10/2021

08:18 PM Revision 2fbab2f0 (haketilo): change default repository URL: koszko

08/06/2021

05:17 PM Revision 792fbe18 (haketilo): Facilitate installation of scripts from the repository: This commit includes:
* removal of page_info_server
* running of storage client in popup context
* extraction of some... koszko
02:00 AM Revision 7796e554 (haketilo): Add the beginnings of a test suite: jahoti

08/05/2021

08:44 PM Revision 90896bcf (haketilo): enable modularization of html files: koszko

08/04/2021

10:01 PM Revision 5957fbee (haketilo): make settings_query.js use storage object passed as an argument: koszko

08/02/2021

02:00 AM Revision 5b419aed (haketilo): [UNTESTED- will test] Add filtering for http-equiv CSP headers: jahoti

07/28/2021

02:00 AM Revision 25817b68 (haketilo): Rationalize CSP violation report blocking.: Report blocking now applies iff scripts are blocked. jahoti

07/27/2021

11:41 AM Revision 2fa41a54 (haketilo): validate settings on import: koszko

07/26/2021

01:37 PM Revision 64afd5b9 (haketilo): provide a facility to sanitize externally-obtained JSON: koszko
12:10 PM Revision 5fcc9808 (haketilo): code maintenance: koszko
11:09 AM Revision 97b8e30f (haketilo): Squash more CSP-filtering bugs: On Firefox, original CSP headers are now smuggled (signed) in an x-orig-csp
header to prevent re-processing issues wi... jahoti
11:09 AM Revision e402e036 (haketilo): Fix some bugs in the refined CSP handling: jahoti
11:09 AM Revision fba4820b (haketilo): [UNTESTED- will test] Use more nuanced CSP filtering: CSP headers are now parsed and processed, rather than treated as simple
units. This allows us to ensure policies deli... jahoti
11:09 AM Revision 57e4ed2b (haketilo): Remove unnecessary imports of url_item and add a CSP header-parsing function: The parsing function isn't used yet; however, it will eventually be as a less
destructive alternative to handling hea... jahoti

07/25/2021

02:00 AM Revision 24ad876c (haketilo): Squash more CSP-filtering bugs: On Firefox, original CSP headers are now smuggled (signed) in an x-orig-csp
header to prevent re-processing issues wi... jahoti

07/23/2021

05:32 PM Revision d42dadca (haketilo): extract observables implementation from storage.js: koszko

Also available in: Atom