Revision 7ee7889a
Added by Wojtek Kosior about 2 years ago
| TODOS.org | ||
|---|---|---|
| 24 | 24 |
- test with more browser forks (Abrowser, Parabola IceWeasel, LibreWolf) |
| 25 | 25 |
- also see if browsers based on pre-quantum FF support enough of |
| 26 | 26 |
WebExtensions for easy porting |
| 27 |
- make sure page's own csp doesn't block our scripts |
|
| 27 |
- make sure page's own csp in <head> doesn't block our scripts
|
|
| 28 | 28 |
- make blocking more torough -- CRUCIAL |
| 29 | 29 |
- mind the data: urls -- CRUCIAL |
| 30 | 30 |
- find out how and make it possible to whitelist non-https urls and |
| ... | ... | |
| 39 | 39 |
- all solutions to modularize js code SUCK; come up with own simple DSL |
| 40 | 40 |
to manage imports/exports |
| 41 | 41 |
- perform never-ending refactoring of already-written code |
| 42 |
- when redirecting to target, make it possible to smartly recognize |
|
| 43 |
and remove previous added target |
|
| 42 |
- also implement support for whitelisting of non-https urls |
|
| 43 |
- validate data entered in settings |
|
| 44 |
- stop always using the same script nonce on given https(s) site (this |
|
| 45 |
improvement seems to be unachievable in case of other protocols) |
|
| 46 |
- besides blocking scripts through csp, also block connections that needlessly |
|
| 47 |
fetch those scripts |
|
| 48 |
- make extension's all html files proper XHTML |
|
| 44 | 49 |
|
| 45 | 50 |
DONE: |
| 46 | 51 |
- make it possible to use wildcard urls in settings -- DONE 2021-05-14 |
Also available in: Unified diff
when possible inject CSP as http(s) header using webRequest instead of adding a tag