1
0
mirror of https://github.com/gorhill/uBlock.git synced 2024-11-09 12:22:33 +01:00
Commit Graph

5124 Commits

Author SHA1 Message Date
gorhill
0d18d996be
fix #3006 2017-09-11 17:02:44 -04:00
Raymond Hill
d3cd79c5b0 Update CONTRIBUTING.md 2017-09-11 10:23:34 -04:00
gorhill
dfe18111b9
fix #1539 2017-09-11 09:53:42 -04:00
gorhill
462406ecf1
add Adguard's Annoyance List to stock filter lists 2017-09-10 13:14:14 -04:00
gorhill
c641cadea9
rename "Social" filter list category to "Annoyances" 2017-09-10 13:02:04 -04:00
gorhill
355dbc00ba
fix #2997 2017-09-10 12:39:56 -04:00
gorhill
651da7157a
remove obsolete lists: reek's anti-adblock-killer, immortal_domains 2017-09-10 08:33:41 -04:00
gorhill
fa9aa68da3
new revision for dev build 2017-09-05 19:53:57 -04:00
gorhill
1a3df881d0
code review: handle tab gone + decrease user css overhead 2017-09-05 19:51:16 -04:00
gorhill
2660bee0d2
fix #2919 2017-09-05 19:49:48 -04:00
Raymond Hill
162d612317 Update README.md 2017-09-04 07:29:20 -04:00
Raymond Hill
6fc94401b7 Update README.md 2017-09-04 07:27:53 -04:00
Raymond Hill
9518279901 Update README.md 2017-09-04 07:27:38 -04:00
Raymond Hill
d0fe240b83 Update README.md 2017-09-04 07:26:33 -04:00
Raymond Hill
5f7202f7f7 Update README.md 2017-09-04 07:25:40 -04:00
Raymond Hill
6682640685 Update README.md 2017-09-04 07:23:32 -04:00
gorhill
d19780fcb5
new revision for stable release 2017-09-03 21:45:21 -04:00
gorhill
f8dac35f42
new revision for release candidate 2017-09-02 18:27:41 -04:00
gorhill
867eeebc19
fix #2957 2017-09-02 18:27:03 -04:00
gorhill
937e8a048d
new revision for stable release 2017-09-02 16:18:42 -04:00
gorhill
537df0f619
new revision for release candidate 2017-09-02 11:57:36 -04:00
gorhill
40cfd1505e
further fix #2950: FF56 also suffers non-punycoded URLs 2017-09-02 11:56:59 -04:00
gorhill
8116afabc4
use "let": this code is not meant for chromium 2017-09-02 09:57:44 -04:00
gorhill
2598f48a34
new revision for release candidate 2017-09-02 08:27:43 -04:00
gorhill
000d15d8ab
code review: try to remove not found keys from storage.local 2017-09-02 07:08:07 -04:00
gorhill
a0c595d02d
fix #2950 2017-09-02 06:11:33 -04:00
gorhill
c0f42c5021
drop webext-hybrid build 2017-09-01 20:12:49 -04:00
gorhill
13afea5405
new revision for release build 2017-09-01 17:36:23 -04:00
gorhill
511d8a098e
fix #2945 2017-09-01 17:34:33 -04:00
gorhill
194951d3bd
new revision for dev build 2017-08-31 14:37:42 -04:00
gorhill
8b4b1fa9db
properly fix #2938 2017-08-31 14:17:55 -04:00
gorhill
5cc7a3a852
new revision for dev build 2017-08-30 23:13:28 -04:00
gorhill
4d3ac0d980
new revision for emergency fix 2017-08-30 19:10:03 -04:00
gorhill
2600a400b7
Merge branch 'master' of github.com:gorhill/uBlock 2017-08-30 19:03:10 -04:00
gorhill
73387e54ad
fix #2938 2017-08-30 19:03:02 -04:00
Raymond Hill
3f0aa0d00d Update CONTRIBUTING.md 2017-08-30 15:32:54 -04:00
Raymond Hill
ab1b23a398 Update CONTRIBUTING.md 2017-08-30 12:37:18 -04:00
gorhill
b5035b2e0b
new release: skip webext-hybrid and go pure webext 2017-08-30 11:18:55 -04:00
gorhill
17d54f6ded
new revision for release candidate 2017-08-30 09:34:12 -04:00
gorhill
126110c9a0
remove ability to pull latest version of resources.txt from remote repo.
This is required as per Firefox extension reviewers. Mail exchange:

========

Reviewer:
> Do I read the code correctly that you are executing remote JS by
> downloading/updating from
> https://raw.githubusercontent.com/uBlockOrigin/uAssets/master/filters/resources.txt
> and injecting scripts in contentscripts.js?

Me:
> Yes, resources.txt contains scriptlets or other resources used to:
>
> - Minimize potential page breakage (e.g. google-analytics.com/ga.js);
> - Defuse anti-blockers (e.g. bab-defuser.js);
> - Defuse anti-blockers or minimize page breakage through redirection
> (e.g. 2x2-transparent.png)
>
> This is not a new feature -- this is also part of the legacy version,
> and I consider this is a major feature of uBO. Given how fast things can
> change out there, this allows me to quickly push fixes when a new issue
> is reported for a site without having to go through a full update of the
> extension.

Reviewer:
> I am aware that this is not a new feature. I am unclear why it has been
> allowed in the past, since it violates our policy about remote code
> execution. I assume it was missed due to the fairly complex codebase.
>
> I can approve this version so you are not blocked on the migration, but
> eventually, you cannot use functionality that executes remote code.
> Since we're moving to a more automated review process, you will be able
> to ship new versions without being blocked on a human review.

Me:
> Do I understand correctly that extensions such as TamperMonkey or
> ViolentMonkey won't be allowed on AMO?
>
> Those extensions are even more permissive than uBO given a user can
> import scripts from any source, while with uBO only scriptlets which are
> part of the project are allowed.

Reviewer:
> The key difference between add-ons like Tampermonkey and uBO is that in
> Tampermonkey, users are making an active and conscious decision to
> download and execute that specific code. In uBO, the user did not
> initiate that download/execution, nor are they even aware of it
> happening.

Me:
> So users of TamperMonkey -- tech-savvy or not -- can download & inject
> countless 3rd-party user scripts from countless authors, have them
> update on their own automatically at regular interval with no user
> intervention.
>
> On the other hand, it's not acceptable for me, the author of the
> extension, who users implicitly trusted when installing the extension,
> who is completely controlling and vouching for the content of
> "resources.txt", to have this one 1st-party resource file[1] to be
> updated at regular interval with no user intervention.
>
> So anyways, what is expected from me at this point? Do I need to remove
> scriptlet injection and resource redirection features? Do I need to
> remove only the updating part of resources.txt?
>
> [1] key to core features of uBO (counter anti-blockers + page breakage
> mitigations) and possibly an important factor in installing the
> extension.

========

Now about this commit: the purpose of the code change here is to
prevent "resources.txt" -- which is part of the package -- from being
updated -- this applies only to the Firefox webext[-hybrid] version
of uBO.
2017-08-30 09:15:06 -04:00
gorhill
d165432ded
deal properly with indexedDB not being available (#2925) 2017-08-30 08:41:22 -04:00
gorhill
b1842ddf16
new revision for dev build 2017-08-29 18:32:46 -04:00
gorhill
beb7933016
fix #2925 2017-08-29 18:32:00 -04:00
gorhill
572aecc517
import indexedDB-based vAPI.cacheStorage as is from d1538ea9be 2017-08-28 15:30:01 -04:00
gorhill
fe4c59ec90
new revision for release candidate 2017-08-24 18:30:55 -04:00
gorhill
b2e89c9ece
generate better regex for hostname-anchored generic filters 2017-08-24 18:30:05 -04:00
gorhill
c31d29c2e3
fix bad test: regression from fdcc9515 2017-08-24 17:54:27 -04:00
gorhill
8758dfc061
fix AMO error: "Legacy add-ons are not compatible with Firefox 57 or higher. Use a maxVersion of 56.* or lower" 2017-08-23 08:02:40 -04:00
gorhill
2f922192c3
fix #2892: set proper minimum version for Opera 2017-08-23 07:27:53 -04:00
gorhill
592d5da490
new release 2017-08-22 23:51:02 -04:00