NoScript for FF
V. 1.6.9.2 "Featherlight Armor"
Congratulations, you've got the latest version.
Main good news:
* Critical work-around for Firefox 3 Base64 decoding bug.
* Several speed and accuracy optimizations on Anti-XSS filters.
* Improved IP based shorthands.
* Enhanced cross-site POST blocking as an anti-CSRF mitigation.
* Better feedback for blacklisted items on the page, by appending untrusted sites count to "Untrusted" menu label.
* Specific shadowed status icon for pages having some origins allowed and all the remaining marked as untrusted.
* Enhanced bookmark and location bar management (e.g. you can test bookmarklets from the location bar even on untrusted sites).
* Prevention of Java exploits based on malformed class names.
* New and improved icons.
* Much improved plugin interception, better differentiating content served by the same Flash-based application (e.g. YouTube's movie player)
* New Blocked Objects menu to temporarily allow any blocked plugin content instance on the page, even if its placeholder is hidden or not easy to be seen. You can also unblock all the plugin content coming from a certain site, or certain content types only.
* Enhanced blocked content placeholders, showing a descriptive icon for each type (e.g. PDF or Flash) when available.
* Temporarily unblocked plugin content now obeys to the "Revoke Temporary Permissions" command.
* New "noscript.allowedMimeRegExp" about:config option to whitelist some content types not to be blocked by Forbid other plugins, for instance "application/pdf" or "image/.*"
* All content coming from sites explicitely marked as untrusted is blocked by default, even if allowed in NoScript Options|Plugins
* Various directory traversal and information leakage countermeasures.
* "Revoke temporary permissions" command available in floating menus.
* Improved protection against Flash-based XSS attacks.
* New "Collapse blocked objects" and "No placeholder for object coming from sites marked as untrusted" options for plugin content.
