Revision edbbe400
Added by jahoti about 2 years ago
TODOS.org | ||
---|---|---|
19 | 19 |
- add some nice styling to settings page |
20 | 20 |
- make script bag components re-orderable (via drag&drop in options page) -- CRUCIAL |
21 | 21 |
- find some way not to require each chrome user to modify manifest.json |
22 |
- rename the extension to something good |
|
23 | 22 |
- test with more browser forks (Abrowser, Parabola IceWeasel, LibreWolf) |
24 | 23 |
- also see if browsers based on pre-quantum FF support enough of |
25 | 24 |
WebExtensions for easy porting |
26 | 25 |
- make sure page's own csp in <head> doesn't block our scripts |
27 |
- make blocking more torough -- CRUCIAL |
|
28 |
- mind the data: urls -- CRUCIAL |
|
29 | 26 |
- find out how and make it possible to whitelist non-https urls and |
30 | 27 |
whether we can inject csp to them |
31 | 28 |
- create a repository to host scripts |
... | ... | |
47 | 44 |
- make extension's all html files proper XHTML |
48 | 45 |
- split options_main.js into several smaller files |
49 | 46 |
- validate settings data on import |
50 |
- find some good hatchet icon and rename the extension to "Hachette" (unless |
|
51 |
someone suggests another good name before we do so) |
|
47 |
- rename the extension to something good |
|
48 |
- find some good hatchet icon and rename the extension to "Hachette" |
|
49 |
(unless someone suggests another good name before we do so) |
|
52 | 50 |
- add an option to disable script blocking globally |
51 |
- Add support to settings_query for non-standard URLs |
|
52 |
(e.g. file:// and about:) |
|
53 |
- Process HTML files in data: URLs instead of just blocking them |
|
53 | 54 |
|
54 | 55 |
DONE: |
56 |
- make blocking more torough -- DONE 2021-06-28 |
|
57 |
- mind the data: urls -- CRUCIAL |
|
55 | 58 |
- employ copyright file in Debian format -- DONE 2021-06-25 |
56 | 59 |
- find out what causes storage sometimes not to get initialized under IceCat 60 -- DONE 2021-06-23 |
57 | 60 |
- make it possible to export page settings in some format -- DONE 2021-06-19 |
Also available in: Unified diff
License script-blocking techniques from NoScript in machine-readable format.
In-page blocking now works on Firefox, and JavaScript/data- URLs are properly
blocked to ensure no JavaScript leaks in through backdoors. Blocking of HTML/XML
data: urls should be refined (eventually) to align with current practice for
pages in general.
Also, script-blocking is now filtered by nonce, making it possible (albeit
perhaps not desirable) to inject scripts before the DOM is complete.