replace cookies with synchronous XmlHttpRequest as policy smuggling method.
Note: this breaks Mozilla port of Haketilo. Synchronous XmlHttpRequest doesn't work as well there. This will be fixed with dynamically-registered content scripts later.
rename the extension to "Haketilo"
disable service workers when scripts are blocked
restore compatibility with IceCat 60
simplify CSP handling
All page's CSP rules are now removed when a payload is to be injected. When there is no payload, CSP rules are not modified but only supplemented with Hachette's own.
Fix sanitizing of non-HTML XMLDocument's
re-enable sanitizing of data: URLs and also sanitize intrinsics on non-HTML pages where CSP doesn't work
fix script blocking bug under Chromium
merge changes before version 0.1
disable payload injection on non-html pages
Also available in: Atom