Project

General

Profile

Download (4.99 KB) Statistics
| Branch: | Tag: | Revision:

haketilo / TODOS.org @ 261548ff

1
TODO:
2
- parallelize fetching of remote scripts
3
- allow specifying whether a script occurring mutiple times directly
4
  or indirectly in a bag should be included multiple times or once
5
- make it possible to provide backup urls for remote scripts
6
- make it possible to cache remote scripts
7
- optimize url querying
8
- make it possible to automatically download page's served scripts and save them (of course, this by itself -- CRUCIAL
9
  would give little benefit, but it will make it easy to modify this set of scripts - useful, if some of
10
  those scripts are already free, as is often the case)
11
  - also, find some convenient way to automatically re-add "on" events ("onclick" & friends)
12
- add some good, sane error handling
13
- get rid of those warnings and exceptions in console (many are not even related to this extension;
14
  who invented this thing?) (gecko-only)
15
- make page settings easily and conveniently editable in popup -- CRUCIAL
16
  - in popup make it possible to edit both main frame page's
17
    settings and settings for pages that currently happen to
18
    live in iframes
19
- add some nice styling to settings page
20
- make script bag components re-orderable (via drag&drop in options page) -- CRUCIAL
21
- find some way not to require each chrome user to modify manifest.json
22
- test with more browser forks (Abrowser, Parabola IceWeasel, LibreWolf)
23
- make sure page's own csp in <head> doesn't block our scripts
24
- create a repository to host scripts
25
  - enable the extension to automatically fetch script substitutes from the repo
26
- make it possible to inject scripts to arbitrary places in DOM
27
  - make script blocking code omit those scripts
28
- check if prerendering has to be blocked -- CRUCIAL
29
- block prefetch
30
- rearrange files in extension
31
- supplement the build script with a makefile, also produce zipped arifacts
32
- perform never-ending refactoring of already-written code
33
- also implement support for whitelisting of non-https urls
34
- validate data entered in settings
35
- stop always using the same script nonce on given https(s) site (this
36
  improvement seems to be unachievable in case of other protocols)
37
- besides blocking scripts through csp, also block connections that needlessly
38
  fetch those scripts
39
- make extension's all html files proper XHTML
40
- split options_main.js into several smaller files
41
- validate settings data on import
42
- rename the extension to something good
43
  - find some good hatchet icon and rename the extension to "Hachette"
44
    (unless someone suggests another good name before we do so)
45
- add an option to disable script blocking globally
46
- Add support to settings_query for non-standard URLs
47
  (e.g. file:// and ftp://)
48
- Process HTML files in data: URLs instead of just blocking them
49
- improve CSP injection for pathological cases like <script> before <head>
50
- Fix FF script blocking and whitelisting (FF seems to be by itself repeatedly
51
  injecting CSP headers that were injected once, this makes it impossible to
52
  whielist site that was unwhitelisted before; FF also seems to be removing our
53
  injected script's nonce for no reason 🙁)
54

    
55
DONE:
56
- find out if we can successfully use CSP to block file:// under FF -- DONE 2021-06-30
57
- come up with own simple DSL to manage imports/exports -- DONE 2021-06-30
58
- add some mechanism to build the extension -- DONE 2021-06-30
59
- see if browsers based on pre-quantum FF support enough of -- DONE 2021-06-29
60
  WebExtensions for easy porting (no, those we know dropped the support)
61
- make blocking more thorough -- DONE 2021-06-28
62
  - mind the data: urls -- CRUCIAL
63
- employ copyright file in Debian format -- DONE 2021-06-25
64
- find out what causes storage sometimes not to get initialized under IceCat 60 -- DONE 2021-06-23
65
- make it possible to export page settings in some format -- DONE 2021-06-19
66
- make it possible to use wildcard urls in settings -- DONE 2021-05-14
67
- port to gecko-based browsers -- DONE 2021-05-13
68
- find a way to additionally block all other scripts using CSP -- DONE 2021-05-13
69
- only allow a single injection payload for page -- DONE 2021-05-13
70
- rename "bundles" to "bags" to avoid confusion with Web Bundles -- DONE 2021-05-12
71
- use non-predictable value in place of "myext-allow", utilizing hashes -- DONE 2021-05-12
72
- stop using modules (not available on all browsers) -- DONE 2021-05-12
73
- clean up the remnants of LibreJS -- DONE 2021-05-12
74
- implement whitelisting -- DONE 2021-05-07
75
- find way to also block scripts in non-http pages (e.g. file://) -- DONE 2021-05-07 (via content scripts, may not be perfect)
76
  (NoScript seems to be doing this through CSP)
77
- make page settings easily and conveniently editable in a separate window/tab -- DONE 2021-05-05
78
- replace comparisons with stricter ones (e.g. do `if(foo === undefined)` instead of `if(!foo)`) -- DONE
79
- make local storage safe (serialize storage accesses in background script) -- DONE
80
- split main.js into multiple files -- DONE 2021-01-05
81
- make it possible to store entire script files in storage (not just links) -- DONE 2021-01-05
82
  - make it possible to re-use the same script or set of scripts multiple times -- DONE 2021-01-05
(2-2/5)