New in version 2.6.8.14

February 13th, 2014
  • Fixed bookmarklet execution disabling JavaScript on whitelisted pages (Firefox >= 29, thanks vsemozhetbyt for reporting mozbug 970445)
  • [ABE] Improved compatibility with .local domains (thanks func0der for reporting)

New in version 2.6.8.14 RC1 (January 29th, 2014)

  • [ABE] Improved compatibility with .local domains (thanks func0der for reporting)

New in version 2.6.8.13 (January 23rd, 2014)

  • The option dialog is non-modal and recycled now

New in version 2.6.8.13 RC2 (January 21st, 2014)

  • Moved ClearClick options into their own "Advanced" sub-tab
  • Minor options dialog tweakings
  • Removed External Filters options panel

New in version 2.6.8.12 (January 15th, 2014)

  • Improved work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=958962
  • [Surrogate] Prevent blank ModPagespeed-patched pages when meta refresh inside NOSCRIPT elements is blocked (thanks thunderscript and barbaz)
  • Fixed one-time this.getSite() error on startup
  • Browser Console support
  • [Locale] Updated fr (thanks Jack Black)
  • Fixed feed reader broken on non-whitelisted sites in non-stable Firefox (thanks LouCypher for reporting)

New in version 2.6.8.12 RC3 (January 14th, 2014)

  • Work-around for: No way to consistently enable elements using Cu.blockScriptForGlobal() early (e.g. in "content-document-global-created" observer?)

New in version 2.6.8.12 RC2 (January 13th, 2014)

  • Fixed one-time this.getSite() error on startup
  • Browser Console support

New in version 2.6.8.12 RC1 (January 11th, 2014)

  • Fixed feed reader broken on non-whitelisted sites in non-stable Firefox

New in version 2.6.8.11 (January 10th, 2014)

  • [XSS] Fixed nested URL parsing optimization bug (thanks Masato Kinugawa for reporting)
  • [XSS] Abort, rather than filter, potential charset-based attacks ( thanks Masato Kinugawa for reporting)
  • [XSS] Improved Ebay compatibility (thanks Markus Wienand for reporting)
  • [XSS] Fixed bad charset check regression from rc6 (thanks Masato Kinugawa for reporting)
  • [XSS] Fixed bad charset checks not honoring exceptions (thanks Masato Kinugawa for reporting)
  • Adopted the Components.utils.blockScriptForGlobal() API where possible
  • [XSS] Further improvements in recursive link checks (thanks Masato Kinugawa for reporting)
  • [XSS] Better checks for combined data/javascript URIs (thanks Masato Kinugawa for reporting)
  • [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato Kinugawa for reporting)
  • [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
  • [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)
  • [XSS] Stricter HTML checks on second-order data URI injections exactly fitting whole URL attributes (thanks Masato Kinugawa for reporting)