Changelog

ScriptSafe is one of my major side-projects. ScriptSafe is an extension for the Google Chrome browser with the aim of enhancing security and privacy by giving the user control over what content pages load.

v1.0.9.x

  • v1.0.9.1 (Thursday, January 26, 2017) –
    • Added option to block Data URLs (data:text/html) to protect users against new phishing attacks (disabled by default, found in “General Settings”)
    • Added the ability to set ScriptSafe’s interface language (found at the top of the Options page)
    • Improved ScriptSafe panel scalability in terms of font size and screen resolution
    • Fixed occasional panel loading issue when NOSCRIPT blocking and Ratings are both enabled
    • Added option to show or hide the ScriptSafe context (right-click) menu
    • Added ability to manually add domains to fingerprint whitelists
    • Minor update to the Chinese – Simplified translation
    • Updated unwanted content providers list
    • Minor optimizations
  • v1.0.9.0 (Wednesday, January 18, 2017) –
    • Several improvements have been made to the ScriptSafe panel:
      • Changed to a one-column layout to better accommodate all languages and long domain names
      • Fixed scrollbar issue where it would sometimes not scroll unless the bar itself was dragged
      • Allows users to open several domains’ ratings without having to reopen the panel each time
      • Resolved issue with unscrollable long lists in other Chrome-based browsers
      • Improved ability to access the Options, Refresh, Close buttons
      • Domain control buttons are now all consistently displayed
    • Added the ability to Block WebVR Enumeration (under Fingerprint Protection, option is disabled by default so feel free to enable it)
    • Added ScriptSafe options to the right-click context menu (useful for popup windows with no controls)
    • Fixed uncleared icon counter when there are blocked items for a tab and then ScriptSafe is disabled
    • Improved Google Analytics (UTM) Tracking Removal to also strip out the utm_name parameter
    • Added Spanish locale (thank you Enrique Arróniz Ramos!)
    • Updated unwanted content providers list
    • Minor update to Swedish locale
    • Minor code optimizations

v1.0.8.x – “Can’t Touch This”

  • v1.0.8.5 (Friday, December 23, 2016) –
    • Resolved issue where blocked items were sometimes not being listed in the panel
    • Added the ability to selectively disable Fingerprint Protection on a per-domain, per-option basis
    • Added more control over Referrer Spoofing (thanks AykutCevik)
    • Improved Audio Fingerprint Protection to block AudioContext and webkitAudioContext
    • Improved Block Device Enumeration to block mediaDevices.enumerateDevices()
    • Made Battery Fingerprint Blocking more compatible with sites (thanks TjWallas)
    • Included translations for 13 new languages: Chinese – Simplified, Chinese – Traditional, Czech, Dutch, French, German, Hungarian, Italian, Korean, Latvian, Romanian, Russian, and Swedish (thanks to all translators listed at the bottom of this page)
    • Improved syncing of existing rules if upgrading from a pre-v1.0.7.0 instance
    • Added a reload icon to the panel
    • Updated unwanted content providers list
    • Updated available Operating System and Browsers for User Agent spoofing
    • Resolved minor issue with Referrer Spoof and User-Agent Spoof options display
    • ScriptSafe is now released under the GNU GPLv3 license
  • v1.0.8.1-v1.0.8.4 (Saturday, July 9, 2016) –
    • Japanese translation added
    • Updated the panel to better adjust to translations that have long phrases (e.g. changed “Rating” button to a star icon with a description on hover)
    • Added ability on the Options page to quickly move whitelist/blacklist entries to the other list (e.g. move a whitelist entry to the blacklist)
    • Enhance “Prevent Clipboard Interference” feature to protect against execCommand(‘copy’) and execCommand (‘cut’) calls
    • Fix issue where some elements were not being listed under “Blocked Items”
    • Updated unwanted content providers list
  • v1.0.8.0 (Thursday, June 30, 2016) –
    • Revamped the design of this page and the Options page: wider layout, larger/more readable words, and intuitive buttons. On the new Options page you are able to toggle between Grouped and List views by clicking on the button in the top-right corner.
    • Added a new Fingerprinting Protection section with the following options (all disabled by default):
      • Canvas Fingerprint Protection – protect against fingerprinting attempts through <canvas> elements, with the following options:
        • Disabled
        • Blank Readout (serve an empty canvas with the original dimensions)
        • Random Readout (serve an empty canvas with random dimensions)
        • Completely Block Readout (refuse to serve any data)
      • Block Audio Fingerprinting – prevent fingerprinting via the AudioContext API
      • Block WebGL Fingerprinting – prevent fingerprinting via the WebGL API
      • Block Battery Fingerprinting – prevent fingerprinting via the Battery API
      • Block Device Enumeration – prevent having hardware devices detected via the WebRTC API
      • Block Gamepad Enumeration – prevent having hardware devices detected via the Gamepad API
      • Block Canvas Font Access – prevent system fonts from being enumerated through <canvas> elements
      • Block Client Rectangles Fingerprinting – prevent fingerprinting through calculating element client rectangles)
      • Reduce Keyboard Fingerprinting (for advanced users) – make keypress timings more random to increase anonymity (note: adds a random delay between keypresses))
      • I recommend enabling all of the above options (except the last two) for increased privacy, and based on your needs disable the options that interfere with your usage.
    • Added Remove Google Analytics (UTM) Tracking option (under Privacy Settings) – remove Google Analytics (UTM) tracking tokens before they’re actually passed to the server (disabled by default)
    • Added Remove Possible Hash Tracking option (under Privacy Settings) – remove possible tracking tokens passed using hash, where there is an attribute and value (e.g. #xtor=RSS-1) (disabled by default)
    • Added Spoof Timezone option (under Privacy Settings) – spoof or randomize your timezone; useful if you use VPN (disabled by default)
    • Added Prevent Clipboard Interference option (under Behavior Settings) – prevent pages from interfering with clipboard actions (disabled by default)
    • Added option to apply user-agent spoofing on whitelisted domains as well (default behaviour is to disable spoofing on whitelisted domains to avoid issues, but enabling this option will spoof the user-agent regardless)
    • Added Save as Text File functionality to the Export Settings portion in the Options page
    • Fix Panel expand issue for Mac OS X users
    • Updated unwanted content providers list
    • Created a beta testing signup form. If you sign up to become a beta tester, you will be emailed when there is a new version ready to be tested before being pushed to the Chrome Web Store. Sign up to be a beta tester!
    • I now have a Bitcoin address due to inquiries from people wary of PayPal but wanted to still donate!

v1.0.7.x – “I Can’t Believe It’s Not Butter!”

  • v1.0.7.15 (Tuesday, June 21, 2016) –
    • Added a new Fingerprinting Protection section with 8 new options (disabled by default):
      • Canvas Fingerprint Protection – protect against fingerprinting attempts through <canvas> elements, with the following options:
        • Disabled
        • Blank Readout (serve an empty canvas with the original dimensions)
        • Random Readout (serve an empty canvas with random dimensions)
        • Completely Block Readout (refuse to serve any data)
      • Block Audio Fingerprinting – prevent fingerprinting via the AudioContext API
      • Block WebGL Fingerprinting – prevent fingerprinting via the WebGL API
      • Block Battery Fingerprinting – prevent fingerprinting via the Battery API
      • Block Device Enumeration – prevent having hardware devices detected via the WebRTC API
      • Block Gamepad Enumeration – prevent having hardware devices detected via the Gamepad API
      • Block Canvas Font Access – prevent system fonts from being enumerated through <canvas> elements
      • Reduce Keyboard Fingerprinting (for advanced users) – make keypress timings more random to increase anonymity (note: adds a random delay between keypresses))
      • I recommend enabling all of the above options (except the last) for increased privacy, and based on your needs disable the options that interfere with your usage.
    • Added new option: “Prevent Clipboard Interference” (under “Behavior Settings”) – prevent pages from interfering with clipboard actions (disabled by default)
    • Updated unwanted content providers list
  • v1.0.7.13 (Thursday, June 16, 2016) –
    • Improved page processing performance (removed significant lag when loading large lists on a page)
    • Ensure WebRTC check is completely cleaned up to not interfere with device power management
    • Updated “Documentation” links within ScriptSafe to point to a newly created ScriptSafe site
      • It features a Configuration Sets page where you can find the default settings as well as my personal settings
      • Up until now Github Wiki was used, but due to a constant error upon saving (and no progress when I reported it last week), I had no choice but to migrate everything over to my site
    • Updated unwanted content providers list
  • v1.0.7.12 (Tuesday, June 14, 2016) –
    • Updated options for “Block Click-Through Referrer”, whichs blocks referrer information when clicking on third-party links:
      • Disabled – feature is disabled
      • Only on Unwhitelisted Domains – only applies to pages on unwhitelisted domains
      • All Domains – applies to third-party links on every domain, even if whitelisted
      • Default: “Only on Unwhitelisted Domains” (as setting it to “All Domains” may cause issues (e.g. thumbnails in Tweetdeck))
    • Corrected blocking behaviour if using “Allow” as “Default Mode”
    • Improve compatibility with other Chrome extensions
    • Updated unwanted content providers list
  • v1.0.7.11 (Monday, June 13, 2016) –
    • Further important compatibility fixes for ScriptSafe to work in Chrome-derivative browsers (e.g. not crash)
    • Greatly reduced page load times/CPU usage if using large lists and “Block Click-Through Referrer” enabled
    • Removed update notification messages based on feedback
    • Better behaviour when visiting pages on blocked domains
    • Better handling of post-page-load inserted content
    • Updated unwanted content providers list
  • v1.0.7.10 (Friday, June 10, 2016) –
    • Important compatibility fix for ScriptSafe to work in Chrome-derivative browsers
    • Added more granularity for the Respect Same-Domain option. The three options are now:
      • Disabled
      • Strict – allow same domain only
      • Loose – allow same domain and subdomains (this was the behaviour if Respect Same-Domain was enabled in the past)
    • Better inline element removal
    • Updated unwanted content providers list
  • v1.0.7.9 (Thursday, June 9, 2016) –
    • Announcement: changes to ScriptSafe updates
    • Significant performance increase, due to improved list checking (how significant? Check it out!)
    • Added new option: Paranoia Mode – block allowed domains on unknown tabs (default: disabled)
      • Feel free to enable this option for added security, and uncheck if you prefer to browse without it
      • This is disabled by default as it changes how ScriptSafe behaves up until now
      • I personally recommend enabling it
    • Smart grouping of domains in the panel based on parent domain
    • Added support for recognizing and filtering new tab pages
    • Minor fixes to hotkey function, options page, and panel
    • Better distinction between webbugs and images
    • Updated unwanted content providers list
  • v1.0.7.8 (Sunday, June 5, 2016)
    • Updated list searching to eliminate noticeable lag when browsing if you have a large whitelist/blacklist
    • Reverted update change to “Respect Same-Domain” behaviour; while I had good intentions, it required you to allow a page to load which would allow it globally
    • If experienced issues with panel opening previously, it should now open more consistently and entirely
    • Improved IPv6 compatibility
    • Updated unwanted content providers list
  • v1.0.7.7 (Saturday, June 4, 2016) – added option to hide update notifications, fixed syncing, added hotkey support (temporarily allow/block resources for a tab (default: CTRL+SHIFT+S), clear temporary permissions for a tab (default: CTRL+SHIFT+R), and clear all temporary permissions (default: CTRL+SHIFT+Q) => to configure, go to Chrome Settings, Extensions, and at the bottom click on Keyboard Shortcuts), made revoking temp. permissions in the panel more granular (for current page OR entire session), updated unwanted content providers list
  • v1.0.7.4-6 (Thursday, June 2, 2016) – noticeable performance increase, greatly reduced unwanted content providers false positives, improved ScriptSafe panel display, updated links to point to new documentation on Github (.5 = minor fixes for panel and trusting a domain; .6 = polished panel display)
  • v1.0.7.3 (Wednesday, June 1, 2016) – tweaked panel behaviour and handling of scenarios (e.g. whitelisting a temp. allowed domain), added check in ScriptSafe panel if ScriptSafe auto-updated to alert user to refresh the tab
  • v1.0.7.2 (Tuesday, May 31, 2016) – better blocking (whitelisted domain resources loaded on a blacklisted domain will be blocked), more overall performance improvements, reduced ScriptSafe panel code by almost 20% while further tweaking its performance, and addressed a sporadic bug where the panel occasionally wouldn’t completely display
  • v1.0.7.1 (Monday, May 30, 2016) – optimized ScriptSafe panel performance, fixed one-time whitelist/blacklist update (for trusted/distrusted domains), and also from this version onwards ScriptSafe will notify you it will wait for a browser restart in order to auto-update
  • v1.0.7.0 (Monday, May 30, 2016):
    • significant performance improvements from a major overhaul of the core domain matching logic and other tweaks throughout ScriptSafe
    • domain whitelisting/blacklisting now supports basic regex: entire domain, wildcard, and single character matching (more info in Options page – you may want to revisit your whitelist/blacklist and revise accordingly)
    • added IPv6 address whitelist/blacklist support (e.g. [2001:4860:0:2001::68] – must contain square brackets)
    • added a check and notification in the Options page if WebRTC Protection isn’t supported by the current Chrome version
    • allowed XMLHTTPREQUEST items are now listed in the ScriptSafe dialog to allow for blacklisting
    • added option to control all XMLHTTPREQUEST items
    • reduced pre-specified whitelist to just “*.googlevideo.com” (for basic YouTube support). Rationale: it should not be up to anyone to predefine what is “acceptable” to load. With the update to the domain matching logic, matching is now more reliable.
    • updated sync notifications to use the new chrome.notifications API
    • updated unwanted content providers and antisocial lists
    • updated core logic so that if there are any whitelist/blacklist conflicts, the whitelist is applied first

v1.0.6.x – “We Feel Safe in a Dangerous Place”

  • v1.0.6.19 (Friday, May 27, 2016): added WebRTC Protection – requires Chrome v48 or newer (“Protect Local IP” by default; visit Options page for additional choices), overall code and performance optimization, updated unwanted content providers and antisocial lists, updated jQuery to latest version (2.2.4), updated browsers and operating systems (for the User-Agent Spoofing option), moved project to Github and updated the links within ScriptSafe accordingly
  • 1.0.6.17: implemented true inline script blocking (credits to gorhill and the HTTP Switchboard project)
  • 1.0.6.16: fixed minor bugs (thanks vnagarnaik again!)
  • 1.0.6.15: addressed high CPU/RAM usage (thanks vnagarnaik!), updated and optimized the Unwanted Content Providers blacklist, which should fix many of the false positives reported, optimized webbug blocking capabilities, fixed issue where the raw HTML code of NOSCRIPT elements were being displayed, added a tab data cleanup function to run every 10 minutes to free up unused memory, fixed duplicate confirmation messages on Option page, minor tweak to button colours in popup widget, minor code optimizations
  • v1.0.6.13: improved ScriptSafe popup widget to not group ordinary blocks with antisocial/unwanted matches (e.g. apis.google.com/js/plusone.js vs the “card” and “payment” APIs also under the apis.google.com domain)
  • v1.0.6.12: fixed whitelist/blacklist site modification issue in Options page (issue #157)
  • v1.0.6.11:
    • optimized filtering speed (slightly refactored the main blocking function)
    • improved blocking of Unwanted Content Domains and Antisocial domains
    • for blocked iframes, a blank page will be loaded instead of the “This web page was blocked by an extension” error page
    • added a few more domains to the Antisocial list (e.g. Google+)
    • fixed image blocking (issue #20 (thanks drdaeman))
    • more reliable blocking of inline scripts (issue #161)
    • removed two sites from the unwanted content providers list (passport.baidu.com and rottentomatoes.com) (issue #96)
    • fixed “Disable” bug (issue #112)
    • there were some syncing bugs that caused whitelists/blacklists to be cleared, which all should be fixed in this version (v1.0.6.11). Whitelist/blacklist syncing was a dream of mine for this extension and I was admittedly too eager to share it with you when I had it working. I have included a button in the Options page to hopefully restore your whitelist/blacklist; it has worked for a few users, but I cannot guarantee it will work in every case. I apologize immensely if you had your whitelist/blacklist deleted.
  • v1.0.6.10: made syncing more robust (tested extensively between my two PCs); added an option to be notified when settings are synced from your Google account; tweaked popup widget “Clear” button behaviour; fixed minor bug in Options page (when removing a domain from a whitelist/blacklist)
  • v1.0.6.9: fixed syncing issue by adding a check (user setting); miscellaneous bug fixes; note: syncing does not seem to be working for MacOS
  • v1.0.6.8: fixed major bug where whitelist/blacklist would seem to be “erased”. Created a built-in restore process to restore your lists. My sincere apologies everyone.
  • v1.0.6.5: fixed a minor potential issue with importing synced whitelists/blacklists into ScriptSafe
  • Implemented webbugs patch from martin.b
  • Fixed issue where the close button in the ScriptSafe details popup won’t close the popup
  • Streamlined syncing to take up significantly less nodes
  • Improved support for the syncing of very large blacklists/whitelists
  • Added a notification pop-up that will appear in the bottom-right corner of your screen when your settings have been successfully synced (you can disable this in the Options page)
    • Note: this WILL NOT show when settings have been synced FROM your Google Account, only TO, to prevent headaches 😉
  • Added the ability to force Settings Syncing TO and FROM your current device in the Options page
  • Auto-syncing will occur 30 seconds after the last settings/whitelist/blacklist update in order to ensure compliance with the rate limits Google has set (10 per minute and 1,000 per hour)
  • Added maps.gstatic.com to the default whitelist for new users for Google Maps Streetview support (if you’re an existing user, feel free to add this to your whitelist; it’s not in my intention to forcefully whitelist things for you!)
  • v1.0.6.3: renamed to “ScriptSafe” from “ScriptNo”

Pre-Syncing Capabilities

v1.0.6.2 – Saturday, February 18, 2012
– fall-back to previous blocking methods implemented => no more requirement to be using Chrome v17 *nod to the KNOS Project*. Don’t worry, the new reliable blocking features using the new APIs will still work, if supported!
– addresses issues 64, 66, 72, and 73
– able to set custom referrer values now
– added FAQs link to tab popup
– minor tweaks to Options page and tab popup
– please check out the updated FAQs page to see if it answers any questions you may have 🙂 (especially playing nicely with other extensions) => http://code.google.com/p/scriptno/wiki/FrequentlyAskedQuestions

v1.0.6.1 – changelog missing…

v1.0.6.0 – Wednesday, February 15, 2012
-Faster and more reliable blocking (webRequest and contentSettings APIs). Subsequently, the minimum Chrome version requirement to use ScriptNo is now v17.0.
-Less memory usage (no exact quantity, but it seems to be a significant decrease)
-Truly blocks inline scripts
-New features:
–Block Unwanted Cookies – block cookies from being set by domains in the unwanted content domain list (Default: Enabled)
–User-Agent Spoof – spoof your browser and operating system (Default: Disabled)
–Referrer Spoof – spoofs the referrer for all requested resources (options: Same Document, Same Domain, Off) (Default: Same Domain)
–Block Cross-Domain XML – block cross-domain XML HTTP Requests (Default: Enabled)
-Shows why a domain has been blocked in the tab widget (e.g. “Unwanted” or “Antisocial”)
-Fixed Issues 42, 46, 49, 59, and 60
-Updated unwanted content domains list (domains compiled and optimized from MVPS HOSTS, hpHOSTS (ad / tracking servers), Peter Lowe’s HOSTS Project, MalwareDomainList.com, and DNS-BH – Malware Domain Blocklist)
-Some code and interface polishing
-Made “Disable and Remove <NOSCRIPT>” disabled by default

v1.0.5.x – “We don’t need no stinkin’ site garbage!”

v1.0.5.52 – Thursday, December 8, 2011
-updated Options page to automatically strip out “http:// and “https:// when adding domains to the whitelist/blacklist
-updated unwanted content domain list
-addressed “Bulk Session Allow/Block” bug (Issue #4)
-updated WebRequest API references in Experimental build to point to chrome.WebRequest

v1.0.5.50 – Thursday, December 1, 2011
-updated unwanted content domain list
-minor code clean-up
-added update notification page

v1.0.5.48-1.0.5.49 – Tuesday, November 15, 2011
-chrome-extension:* will not appear in the “Allowed” list
-Experimental Version:
–added option to block cross-domain XML HTTP Requests
-fixed user-agent/referrer/cookie spoofing/blocking
–minor optimizations made
–browser user-agent not spoofed on whitelisted domains and in the Chrome Webstore
^ all this translates into preparation for when the WebRequest and ContentSettings APIs are made stable

v1.0.5.47 – Monday, November 14, 2011 (back from my trip!)
-updated to jQuery 1.7
-fixed “Clear” button behaviour in tab widget
-partial workaround to play nicely with other Chrome extensions (bypasses “chrome-extension:*”; not working fully (yet))
-updated unwanted content domain list

v1.0.5.46 – Sunday, October 2, 2011
– changed priority between whitelist/blacklist (made blacklist first priority)

v1.0.5.45 – Saturday, October 1, 2011
-fixed Trust button in tab popup
-added “Distrust” button
-minor tweaks to tab popup and Options page
-updated unwanted content domain list

v1.0.5.42-1.0.5.43 – Thursday, September 29, 2011
-Options page:
-added “Block Top-Level” option to Blacklist items [Issue #12]
-renamed “Trust” to “Trust Top-Level” [associated with Issue #12]
-fixed issue when deleting domains (previously it would delete other similar entries) [Issue #11]
-enhanced the behaviour when adding wildcarded domains (“*.asdf.com”) to detect if other entries already exist for the domain and prompt the user if they would like to remove those entries (as they would be redundant with the addition of the wildcarded domain)
-minor enhancement in notifications and Import slidedown
-updated unwanted content domain list

v1.0.5.41 – Wednesday, September 28, 2011
-maintenance update => updated unwanted content domain list

v1.0.5.40 – Friday, September 9, 2011
-fixed minor unwanted content blocking issue
-corrected allow/block for session behaviour when clicked
-added revoke all temporary permissions functionality and button to tab widget
-updated unwanted content domains list

v1.0.5.39 – Thursday, September 8, 2011
-fixed “Trust” behavior for trusted no-domain urls

v1.0.5.36-1.0.5.38 – Wednesday, September 7, 2011
-v1.0.5.38 – potentially fixed no-domain issue
-ability to sort URLs (tab widget + options page) by domain
-updated unwanted content domain list

v1.0.5.31-1.0.5.35 – Tuesday, September 6, 2011
-bug-fix mania and yes, I’m still alive! (respect same-domain vs blacklist bug ( -removed “s” search keyword feature (for now, until Chrome supports the ability to make this toggleable)
-updated unwanted content domain list
-will continue to look into other reported bugs and also deciding on setting up a code repository and/or a forum. Chrome Web Store is clearly not making the cut. (Update: created: http://code.google.com/p/scriptno/)

v1.0.5.30 – Friday, August 26, 2011
(the Chrome Gallery commenting system is definitely broken)
-updated the unwanted content list with the latest domains

v1.0.5.29 – Thursday, August 25, 2011
-fixed bug where domains that exist in the unwanted domains list will always have Javascript disabled, even if in Relaxed mode and the domain is allowed
-updated the unwanted content list with the latest domains
(PS: is it just me or is the Chrome Gallery commenting system broken?)

v1.0.5.28 – Wednesday, August 24, 2011
-added new feature to quick-search privacy-conscious search engines! To use, type “s” in the address bar, press space, then type your query. You can set your default search engine in the Options page.

v1.0.5.24-1.0.5.27 – Tuesday, August 23, 2011
-v1.0.5.27 – added quick “Enable/Disable ScriptNo” button in tab options popup; added new option: “Page Link Opening Behaviour” (choices: -Unchanged-, Same Tab, New Tab)
-v1.0.5.26 – updated the unwanted content list with the latest domains
-possibly fixed a reported bug for Chrome on OS X regarding the tab options popup
-renamed “Whitelist/Blacklist/Bypass” to “Allow/Deny/Temp.” (for consistency)

v1.0.5.17-1.0.5.23 – Monday, August 22, 2011
-v1.0.5.21-1.0.5.23 – numerous bug fixes
-v1.0.5.20 – fixed issue with the relative-to-absolute function that was causing errors on sites like Grooveshark.com
-added ability to set Unwanted Content Blocking Mode: Relaxed or Strict (see “Overview” link for more information)
-added “Antisocial Mode”, which will always remove social widgets/buttons, even if whitelisted
-updated unwanted content domains list and added more domains to the Antisocial list

v1.0.5.16 – Sunday, August 21, 2011
-created a “Quick Start” guide for ScriptNo on my blog; added “Quick Start” links to the tab options popup and options page
-renamed “Help” links to “Overview” (which points to another post on ScriptNo on my blog)

v1.0.5.12-1.0.5.15 – Saturday, August 20, 2011
-v1.0.5.15 – minor bug fixes
-v1.0.5.14 – added ability to import/export ScriptNo settings + lists
-minor bugfixes to allow proper handling of short-form URLs (e.g. URLs without “.”s)

v1.0.5.10-1.0.5.11 – Friday, August 19, 2011
-minor bug fixes
-if “Always Block Unwanted Content” is ticked, it will now remove elements that exist in the domains blacklist even if the element(s) are unticked (e.g. IFRAME)
-updated domains blacklist (MVPS HOSTS, hpHOSTS (ad/tracking servers only), Peter Lowe’s HOSTS Project, MalwareDomainList.com, and DNS-BH – Malware Domain Blocklist)
-now allows you to whitelist/blacklist short-form URLs (e.g. URLs without “.”s)
-v1.0.5.11 – further optimized the domains blacklist to decrease file size and lookup times

v1.0.5.7-1.0.5.9 – Thursday, August 18, 2011
-renamed “Always Block Annoyances” to “Always Block Unwanted Content” to reflect increased scope of the option starting in this version
-if “Always Block Unwanted Content” is ticked, you will be blocking content from domains listed in MVPS HOSTS, hpHOSTS (ad / tracking servers only), Peter Lowe’s HOSTS Project, MalwareDomainList.com, and DNS-BH – Malware Domain Blocklist (ad / tracking servers, malware providers, phishing sites) -v1.0.5.5 – added option to show/hide “Rating” button in tab popup (enabled by default); minor fixes to tab popup

v1.0.5.0-1.0.5.1 – Sunday, August 14, 2011
-“Bypass” is now session-based (lasts until you close Chrome)
-“Always Block Annoyances” now integrates pgl.yoyo.org’s ad servers list
-sites that are blocked due to being an annoyance (“Always Block Annoyances” setting enabled) are now differentiated in the list by not having options to Allow/Deny/Bypass them
-improved tab options page for users who have Default Mode as “Allow”
-added “Help” links to tab popup and Options page (for a quick walkthrough of ScriptNo)
-v1.0.5.1 – added a few more sites to the annoyances blacklist

v1.0.4.x – “9001”

v1.0.4.x – “9001”

v1.0.4.1-1.0.4.2 – Saturday, August 13, 2011
-added ability to “Trust” domains (which will whitelist all subdomains for that domain)
-added more confirmation boxes to the Options page
-blocking made more reliable (removing unwanted content inserted after page load on whitelisted sites (e.g. webbugs and click-through referrer blocking))

v1.0.4.0 – Thursday, August 11, 2011
-added ability to block sending referrer data when clicking on external links that aren’t whitelisted (adds the “rel=’noreferrer'” attribute: http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#link-type-noreferrer)
-made blocking more bulletproof (against DOM updates, especially if <SCRIPT> isn’t ticked)
-added quick links to the Options page and this page in the tab options popup

v1.0.3.x – “May the Force be with you”

v1.0.3.0-1.0.3.9 – Wednesday, August 10, 2011
-added ability (and option) to block webbugs (third-party images in <noscript> tags)
-minor code clean-up
-v1.0.3.3 – tweaked webbugs matching algorithm and added a few more urls to the annoyances blacklist
-v1.0.3.4-9 – beefed up webbugs blocking/removal: detects, blocks and removes third-party “invisible” imgs, objects, embeds, and iframes (if Remove Webbugs option is enabled of course)

v1.0.2.x – “It’s dangerous to go alone! Take this!”

v1.0.2.2-1.0.2.4 – Tuesday, August 9, 2011
-fixed intermittent “ghost” tabs
-now lists blocked <NOSCRIPT> elements in the tab popup
-added option to block <IMG> elements
-fixed minor issue with Chrome Extension Gallery

v1.0.2.1 – Monday, August 8, 2011
-rebuilt blocking algorithm to work more reliably; should notice a slight speed boost
-added bulk whitelist/blacklist import feature (you can find it on the Options page)
-added “Always Block Annoyances” option to remove common widgets/analytics, even if whitelisted (disabled by default)

v1.0.1.x – “One Does Not Simply Click Into Mordor”

v1.0.0.4-1.0.1.6 – Sunday, August 7, 2011
-v1.0.1.6: now shows element type for blocked items (when hovered over)
-refactored and cleaned up code
-tab option popup doesn’t close after you make a selection (you can set it to do so in options)
-added ability to see blocked AND allowed resources
-tweaked blocking algorithm to block unwanted resources even if you’ve whitelisted the overall domain (looks for third party resources that contain the current tab’s domain or has itself repeated in the path and blocks them)
-todo: work on inline script mitigation

v1.0.0.3 – Saturday, August 6, 2011
– made it so the first item is the same domain (and bolded) in the list of blocked sites if applicable
– improved accuracy of algorithm (which fixes a bug with Facebook even if whitelisted)
– minor tweaks to options page for more clarity

v1.0.0.0-1.0.0.2 – Friday, August 5, 2011
– jump from v0.0.5 to v1.0.0.0 to reflect jump in functionality 🙂 (v1.0.0.1 fixes a minor bug; v1.0.0.2 features an updated Options page (included links to my G+ and Twitter accounts) and minor appearance tweaks)
– granular control and view of resources (shows paths of ALL blocked resources when hovered over)
–allow/deny/bypass resources by domain
– todo: revamp options page! (focus thus far has been on functionality)

v0.0.1-0.0.5 – Wednesday, August 3, 2011
– first couple of “beta” releases

v1.0.6.2 – Saturday, February 18, 2012- fall-back to previous blocking methods implemented => no more requirement to be using Chrome v17 *nod to the KNOS Project*. Don’t worry, the new reliable blocking features using the new APIs will still work, if supported!- addresses issues 64, 66, 72, and 73- able to set custom referrer values now- added FAQs link to tab popup- minor tweaks to Options page and tab popup- please check out the updated FAQs page to see if it answers any questions you may have 🙂 (especially playing nicely with other extensions) => http://code.google.com/p/scriptno/wiki/FrequentlyAskedQuestions