JonDoFox extension for Firefox

From JonDonym Wiki
Jump to: navigation, search

En2.png De2.png  Changelogs and Sources

Contents

Changes in version 0.6.7.8

Date: 2017-01-19

  • general.useragent.override:

Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0

  • general.buildID.override:

(empty string)

  • general.appversion.override

5.0 (Windows)

Changes in version 0.6.7.7

Date: 2016-08-13

  • fix: error messages after network errors are now displayed correctly, again

Changes in version 0.6.7.6

Date: 2016-05-17

  • font.blacklist.underline_offset was changed, so that no system fonts are disclosed any more
  • network.http.accept-encoding.secure was changed, so that it - again - consequently prints "gzip, deflate"

Changes in version 0.6.7.4

Date: 2015-10-19

  • Set multiprocessCompatible mark
  • New TOR-Browser User-Agent

Changes in version 0.6.7.3

Date: 29.09.2015

  • Profile-Update Check made dynamic
  • Missing SSL-Observatory entrys from HttpsEverywhere 5.1.0 added

Changes in version 0.6.7.2

Date: 16.09.2015

  • Compatibility till FF 43

Data privacy-settings added:

  • Timing APIs deactivated
  • Keyboard Fingerprinting denied
  • Spekulatives Laden von Websites denied
  • Web IDE deactivated

Changes in version 0.6.7.1

Date: 2015-09-10

  • Mozilla signature
  • Compatibility until FF 42

Changes in version 0.6.6.16

Date: 2015-06-17

  • bump user agent fakes to the latest Firfox versions (38)
  • always display insecure renegotation as broken (security.ssl.treat_unsafe_negotiation_as_broken: true)
  • Disabled Javascript sharedWorker and upload of health report
  • Fixed SSL Observatory by removing own implementation and force HTTPSEverywhere to use our proxy settings
  • Updated secure/insecure SSL cipher because of Logjam attack
  • Removed dispostable email services Spamavert and Trash-mail, because these service are not working anymore
  • made weak cipher message clearer
  • CookieController-Checkbox added for optionally enabling reload on switch
  • set maxVersion to 42

Changes in version 0.6.6.15

Date: 2015-04-22

  • Added options to enforce secure SSL settings
  • Disabled heartbeat user rating system
  • Bump user agent fakes to the latest Firefox versions
  • Enforce Noscript ABE settings

Changes in version 0.6.6.14

Date: 2015-03-07

  • reversed to 0.6.6.12 code due to various login problems

Changes in version 0.6.6.13

Date: 2015-03-05

  • secured SSL settings for latest Firefox versions
  • small bugfix for user agent fake for Firefox 36.0 (Win)

Changes in version 0.6.6.12

Date: 2015-02-26

  • bugfix for cache management
  • disabled SSL session identifiers for Firefox 36
  • delete HSTS header in server responses to avoid HSTS tracking
  • dont't enforce privacy.clearOnShutdown.siteSettings=true any more
  • bump user agent fakes to the latest Firfox versions
  • required JonDoFox profil is version 2.11.0
  • small code cleanup

Changes in version 0.6.6.11

Date: 2015-01-15

  • enabled dom.indexedDB.enabled for Firefox 35 because of a bug in Firefox (we recommend the usage of Firefox 31.4.0 ESR, which is not affected by the bug)
  • small bugfix for about:jondofox page
  • bump BuildID for JonDo user agent fake to the latest ESR version of Firefox

Changes in version 0.6.6.10

Date: 2015-01-12

  • Bugfix for clear cache if proxy was switched.
  • Disable sensors API and netinfo API.
  • Clear site permissions on shutdown.
  • Disable download of safebrowsing DB for FF 34.
  • Bump user agent fake for Firefox (Win32) to FF34.

Changes in version 0.6.6.9

Date: 2014-10-22

  • Disabled media.video_stats.enable, plugins.enumerable_names, experiments.supported, experiments.enabled, beacon.enabled and loop.enabled (FF34).
  • Don't show MD5 fingerprints in CertificatePatrol dialogs.
  • Set noscript.iframes.enabled to privacy relevant and observe it.

Changes in version 0.6.6.8

Date: 2014-10-17

  • bugfix for preferences observer

Changes in version 0.6.6.7

Date: 2014-10-16

  • Disabled insecure SSL cipher by default.
  • Disabled Youtube ruleset in HTTPSEverywhere if insecure SSL cipher are disabled.
  • Bump user agent fakes to the latest Firefox version.
  • Set user agent fake for Tor to the new TorBrowser 4.0.
  • Bugfix for CertificatePatrol in combination with Firefox 33.0

Changes in version 0.6.6.6

Date: 2014-10-09

  • set places.history.enabled to false

Changes in version 0.6.6.3

Date: 2014-09-09

  • bump user agent fakes to latest Firefox versions
  • disabled safebrowsing

Changes in version 0.6.6.2

Date: 2014-08-28

  • small bugfix for new tab config

Changes in version 0.6.6.1

Date: 2014-07-29

  • allow installation of UnPlug</li>
  • disable browser.safebrowsing.appRepURL

Changes in version 0.6.6

Date: 2014-07-24

  • removed additional third party cookie protection because it is done CookieController
  • enabled weak TLS cipher by default, because of many problems with websites
  • bump user agent fakes to latest Firefox versions

Changes in version 0.6.5.2

Date: 2014-07-15

  • Disabled additional third party cookie protection by default because of login problems on some large websites.
  • Using Firefox ESR for custom Windows user agent fake, if Firefox 24.x is used.

Changes in version 0.6.5.1

Date: 2014-06-26

  • bugfix for net error messages

Changes in version 0.6.5

Date: 2014-06-25

  • Disabled weak SSL cipher and add an option to the preferences dialog to activate it if required.

Changes in version 0.6.4

Date: 2014-06-14

  • Bump user-agent fakes to the latest Firefox release.

Changes in version 0.6.3.2

Date: 2014-05-17

  • Enforce typeinference for Javascript only for content and not for chrome (Firefox > 26.0).

Changes in version 0.6.3.1

Date: 2014-05-09

  • Disabled network.seer.enabled for Firefox 29 in JonDo and Tor mode.

Changes in version 0.6.3

Date: 2014-04-29

  • Added additional third party cookie protection.
  • Enforce some Javascript settings to improve security. It will slow down Javascript a little bit but not significantly.
  • Disabled Mozilla snippet downloads.
  • Enabled websockets for Firefox 29
  • Bump user-agent fakes to the latest Firefox release.

Changes in version 0.6.2

Date: 2014-04-02

  • Disabled websockets in JonDo mode and Tor more because of a bug in Firefox
  • Enabled SPDY for no-proxy mode to match Firefox default settings

Changes in version 0.6.1

Date: 2014-03-02

  • Enforce cache settings at startup and proxy switch
  • Disabled media.cache, because it is written to disk
  • Update JonDoFox and JonDoBrowser feature page

Changes in version 0.6.0.1

Date: 2014-03-19

  • Bump user agent fake for Firefox (Win32) for custom proxy to Firefox 28

Changes in version 0.6

Date: 2014-03-17

  • Disable all plugins but Flash for "no proxy" and "custom proxy" because plugin enumeration is used by fingerprinters
  • Disabled Firefox formfill assistance for privacy reasons
  • Do not add downloads to recent documents of Windows desktop to avoid traces on disk
  • Disabled network.dns.disablePrefetch
  • Clear DNS cache on proxy switch
  • Disabled app.update.enabled for FreeBSD, NetBSD, OpenBSD to avoid useless connects to Mozilla
  • Added option to config dialog for always set the proxy to JonDo on startup
  • Added a function to reset all values to JonDoFox default by reset extensions.jondofox.firstStart and restart the browser
  • Bump buildIDs for user agent fakes to latest Firefox esr
  • several bugfixes

Changes in version 0.5.8

Date: 2014-02-27

  • Remove all proxy exeptions, because it is risk for anonymity
  • Improved Do-Not-Track handling (enforced for JonDo and Tor but configurable else)
  • Enforce plug-in handling if JonDo-UA or Tor-UA was selected for custom proxy
  • Remove setting of charset in HTTP header, because it is not send by Firefox (only code cleanup)
  • Bump buildID for Windows-UA fake to latest Firefox 27.0
  • Improved proxy error page and fixed OS specific download links for JonDo

Changes in version 0.5.7.1 (only JonDoBrowser)

Date: 2014-02-13

  • set JonDoBrowser version to 0.13 for update hint

Changes in version 0.5.7

Date: 2014-02-10

  • Added user agent fake for Firefox (Windows) to custom proxy configuration
  • Disabled gamepad API because it will be enabled in FF 28 by default
  • Clear site specific permissions on proxy switch
  • Bump buildID for JonDoFox-UA to latest Firefox esr

Changes in version 0.5.6

Date: 2014-02-01

  • Deaktivated Flash by default to avoid differnces between JonDoFox and JonDoBrowser
  • Remove temp. Javascript permission if proxy was changed
  • Forces image.http.accept to the value of FF24 to avoid differences if newer FF are used
  • Updates for about:jondofox and about:jondobrowser pages

Changes in version 0.5.5

Date: 2014-01-21

  • Added buildID of Firefox to UA fake, to make it more plausible

Changes in version 0.5.4

Date: 2014-01-16

  • disabled Do-Not-Track in Tor mode
  • small GUI cleanup in preferences dialog

Changes in version 0.5.3

Date: 2014-01-10

  • disable clipboardevents to block access to the clipboard by Javascript

Changes in version 0.5.2

Date: 2013-12-27

  • bugfix for German translation

Changes in version 0.5.1

Date: 2013-12-23

  • set Tor user-agent to latest TorBrowser release
  • bugfix for safebrowsing URLs

Changes in version 0.5

Date: 2013-12-09

  • using return value of SSL observatory to generate a warning in case of issues
  • change settings dialog for aditional checks of SSL certificates
  • disable Certificate Patrol by default, but it may be used as an alternative for SSL observatory
  • block HTTP-Auth tracking silent

Changes in version 0.4

Date: 2013-11-08

  • Change the user agent fake for JonDo to Firefox 24 (Linux, i686)
  • Proxy settings are configurable in about:config (for advanced user)
  • Set SOCKS5 proxy for JonDo too.

Changes in version 0.3

Date: 2013-09-17

  • secured proxy switch (close all tabs, delete crypto tokens, auth tokens, cache and image cache)
  • removed disposable email provider Mailinator.com an added dispostable.com and trash-mail.com

Changes in version 0.2.29

Date: 2013-05-15

Minor improvement:

  • removed query string in third party Referer headers due to possible information leaks

Bugfix:

  • fixed broken image loading due to bad Accept header

Other:

  • code clean-up

Changes in version 0.2.28

Date: 2013-04-02

Minor improvement:

  • added UnPlug icon to the toolbar
  • add-on bar is collapsed by default on Firefox >= 4
  • disabled no-proxy-warning on start-up if JonDoBrowser is used
  • disable WebRTC for JonDoFox users as it may compromise the anonymity

Bugfix:

  • disable auto load of files with pdf/application MIME type already on first start of a new profile
  • fixed bug in Referer spoofing logic

Other:

  • code clean-up
  • updated SSL Observatory certificate whitelist

Changes in version 0.2.27.1

Date: 2013-03-11

Bugfix:

  • updated Tor user agent to match the default one in the Tor Browser

Other:

  • bumped JonDoBrowser version to 0.5.1

Changes in version 0.2.27

Date: 2013-02-19

Minor improvement:

  • prepared JonDoFox to work with automatic JonDoBrowser updates (on Linux first)

Other:

  • code clean-up

Changes in version 0.2.26

Date: 2013-01-08

Minor improvement:

  • updated about:jondobrowser help page

Bugfixes:

Other:

  • code clean-up

Changes in version 0.2.25.1

Date: 2012-12-04

  • bumped JonDoBrowser version to 0.3.1

Changes in version 0.2.25

Date: 2012-11-21 Minor improvements:

  • disabled all plugins per default in JonDo mode if JonDoFox is used in JonDoBrowser
  • enabled WebSockets as they don't bypass the proxy if used with an HTTP proxy

Bugfixes:

  • added missing "extensions.jondofox.noscript_showDomain" preference
  • let add-ons get updated automatically to provide timely security updates
  • made JonDoFox compatible with Firefox 17 as we ourselves need to take care that no connection is kept alive now
  • fixed wrong encoding header for Firefox < 4

Other:

  • code clean-up

Changes in version 0.2.24.2

Date: 2012-10-28

  • bumped JonDoBrowser version to 0.2.2

Changes in version 0.2.24.1 (JonDoBrowser on Windows only)

Date: 2012-10-22

  • bumped JonDoBrowser version to 0.2.1

Changes in version 0.2.24

Date: 2012-10-09

Minor improvements:

  • disabled "extensions.blocklist.enabled" in order to not allow Mozilla to disable one of our extensions and to avoid OS and kernel information leaks (see: https://trac.torproject.org/projects/tor/ticket/6734)
  • slightly updated SSL Observatory code to match the HTTPS Everywhere 3.0 release
  • improved english about:jondofox/about:jondobrowser translation (thanks to sovereignpress)
  • bumped maxVersion to 17.*

Changes in version 0.2.23

Date: 2012-08-30

Minor improvements:

  • updated Tor User Agent
  • disabled "dom.network.enabled" to avoid sniffing of the connection type via JavaScript
  • disabled the capturing of thumbnails for the New Page tab (set "browser.pagethumbnails.capturing_disabled" to true)
  • made some explanations more precise/updated language strings

Other:

  • added language strings for JonDoBrowser

Changes in version 0.2.22

Date: 2012-07-17

Minor improvements:

  • new JonDoFox logo
  • enhanced temporary e-mail feature in the context menu
  • code clean-up

Changes in version 0.2.21

Date: 2012-06-05

Bugfixes:

  • fixed corner case in HTTP-Authentication defense code
  • fixed race condition in HTTP-Authentication defense code
  • fixed variable redeclaration in CertPatrol code

Changes in version 0.2.20

Date: 2012-04-24

Minor improvements:

  • improved HTTP-Authentication defense and notified user about possible tracking attempts
  • adapted integrated SSL Observatory logic to reference implementation
  • disabled SPDY by default
  • disabled NavigationTiming API by default

Bugfixes:

  • fixed small bug in Date spoofing code (saved TZ was reset during add-on upgrade)
  • do not write to stderr/stdout if the debug preference is set to false
  • fixed wrong HTTP header after switching from custom mode to Tor mode
  • fixed loading of about:jondofox in every new window after upgrading JonDoFox

Other:

  • code clean-up

Changes in version 0.2.19

Date: 2012-03-13

Minor improvements:

  • implemented version check for JonDoBrowser
  • resolved compatibility issue with Bookmark Autohider
  • fixed some typos in german about:jondofox text
  • added new pref that sets dom.battery.enabled to false
  • set plugin notification preference according to the JonDoFox mode

Bugfix:

  • repaired some possible null pointers

Changes in version 0.2.17.1

Date: 2012-02-03

Minor improvements:

  • corrected CHANGELOG
  • compatibility with profile 2.6.3

Changes in version 0.2.17

Date: 2012-01-31

Minor improvements:

  • added positioning parameter to the JonDoFox menu popup to avoid loading the anontest unnecessarily
  • made JonDoFox compatible with JonDoBrowser
  • updated preferences to match Firefox 10 values
  • set maxVersion to 12.0a1

Changes in version 0.2.16 - 2011-12-20

Minor improvement:

  • added link to our wiki for further temporary e-mail services

Changes in version 0.2.15 - 2011-11-30

New Features:

  • implemented protection against tracking via TLS Session Resumption
  • using the TZ environment variable to deliver a uniform time zone in JonDonym and Tor mode (thanks to Torbutton for the idea)

Minor improvements:

  • modified plugin feature to allow customizations in no proxy and custom proxy mode
  • set maxVersion to 11.0a1

Bugfixes:

  • corrected missing release date of 0.2.14.1 in CHANGELOG
  • repaired possible null pointer in overlay code

Changes in version 0.2.14.1 - 2011-11-09

Bugfix:

  • disabled plugins are not enabled automatically anymore if the Plugin feature is not used

Changes in version 0.2.14 - 2011-11-08

New Feature:

  • option to disable all plugins but Flash in JonDo mode; included a hidden option (extensions.jondofox.disableAllPluginsJonDoMode) to disable even Flash; all plugins are disabled in Tor mode by default and enabled in no-proxy mode; in custom-proxy mode the behavior depends on the chosen UA

Minor Improvements:

  • improved change dialog for CertPatrol (uniform coloring of old (red) and new attributes (green))
  • improved error page for Windows users
  • raised maxVersion of JonDoFox to Firefox 10.0a1

Bugfixes:

  • fixed wrong sent FF version to Google's safebrowsing server
  • fixed wrong entity for JonDo Mac image link in german language file

Changes in version 0.2.13 - 2011-09-27

Minor improvement:

  • greatly improved CertPatrol change cert/new cert dialog
  • included CertPatrol (2.0.12) code to check third party SSL certificates
  • restricted browser.sessionhistory.max_entries to 2 due to fingerprinting issues (only for Firefox >= 4)
  • slightly enhanced window.name logic (no removal of window.name id in 3rd party contexts without Referrer anymore)
  • made JonDoFox compatible with Firefox up to 9.*

Bugfixes:

  • fixed OCSP problem while having SafeCache activated
  • spoofed network.http.accept.default properly for Tor mode
  • fixed encoding bug (now gzip, deflate is properly used)
  • fixed CHANGELOG file: added missing custom font deactivation in profile 2.5.3
  • fixed not working pref dialog opened via about:addons/the tools menu

Changes in version 0.2.12 - 2011-08-19

Bugfixes:

  • fixed HTTP Authentication tracking problem for FF 3.6.*

Changes in version 0.2.11 - 2011-08-16

Bugfixes:

  • fixed problem that http auth protection got not disabled if SafeCache protection is disabled

Changes in version 0.2.10 - 2011-08-16

New Feature:

  • mitigating tracking risks related to HTTP Authentication

Minor improvement:

  • new User Agent
  • enhanced confusing error page that shows up while retrieving TLS content without being connected to a cascade
  • added (correct) API link to observatory context help again
  • better handling of context help dialogs if a link got clicked (the popup is closed in this case)
  • no Accept-Charset header will be sent anymore as it is done in FF6 by default
  • enhanced SafeCache logic
  • new Tor User Agent
  • exchanged methods to handle JSON due to https://bugzilla.mozilla.org/show_bug.cgi?id=645922

Bugfixes:

  • removing port values now before comparing the Referer URL with the one actually surfed in order to decide whether to spoof the Referer or not

Changes in version 0.2.9.1 - 2011-06-21

Bugfixes:

  • removed dead link from the observatory context help
  • fixed link error in start help page on MacOS

Changes in version 0.2.9 - 2011-06-20

New Feature:

Minor improvement:

  • option to autostart of JonDo if it is not already started
  • JonDoFox toolbar button is available (and automatically installed on Firefox >= 4) now
  • vastly improved error page that comes up if one wants to surf but JonDo is not yet available
  • disabled webgl.disabled due to security issues
  • made safebrowsing moz:client and LOCALE settings uniform
  • set dom.indexedDB.enabled to "false" due to tracking risks
  • it is now possible to deactivate the temporary e-mail feature.
  • replaced two temporary E-mail services (trash-mail.com and dispostable.com) with mailforspam.com and spamavert.com
  • improved warning dialog if a user starts without a valid proxy or is trying to choose one later
  • no empty tab anymore while displaying about:jondofox or download pages of missing or disabled add-ons or the ip check
  • set feed handler to "bookmarks" if the respective handler is set to "reader" and the respective default handler to "client"

Bugfixes:

  • fixed a bug in the request observer (some corner cases did not get treated properly by our SafeCache and Referer spoofing logic due to it)
  • corrected some glitches in JonDoFox' popup menu on Windows and MacOS

Changes in version 0.2.8.4 - 2011-03-28

Bugfixes:

  • exclude passwords while deleting browser history related data via privacy.sanitize.sanitizeOnShutdown

Changes in version 0.2.8.3 - 2011-03-23

Minor improvement:

  • set privacy.sanitize.sanitizeOnShutdown back to true again but excluded visited page history (due to NoScript's STS feature) and included passwords and offline apps
  • collapsed Gopher row in prefs-dialog if FF4 is used
  • updated JonDoFox profile update message
  • changed anontest and german profile update URL

Bugfixes:

  • if no add-on is activating the addon bar JDF is not displayed; now we are activating it ourselves if necessary

Changes in version 0.2.8.2 - 2011-03-02

Minor improvement:

  • if Cookie Monster is missing, a tab opens the correct add-on to install (unfortunately there are two with the same name)

Bugfixes:

  • set privacy.sanitize.sanitizeOnShutdown back to false due to compatibility issues with NoScript's STS implementation.
  • a warning is shown in FF4 now as well, if NoScript is disabled

Changes in version 0.2.8.1 - 2011-02-25

Bugfixes:

  • reverted UA to old one due to compatibility issues with stable JonDo

Changes in Version 0.2.8 - 2011-02-24

New Feature:

  • full Firefox 4 compatibility
  • included the DNT header
  • included core Bloody Vikings functionality (getting a temporary email address easily)

Minor improvement:

  • activated browser history again (in FF4) as the :visited bug got fixed by Mozilla
  • set extensions.update.autoUpdateDefault and extensions.getAddons.cache.enabled to false to stop unnecessary pings to Mozilla (FF4)
  • changed english anontest homepage to ip-check.info
  • updated UA to match english FF 3.6.13
  • allowed to enable/disable proxy keep-alive for custom proxies
  • developed new overlay for FF >= 4.0b7pre as the statusbar is deprecated now (but the addon-bar is not used yet)
  • updated the links to our new homepage and cleaned code in jondofox-gui.js
  • fixed Firefox 4 issues with our netError.xhtml override
  • set network.http.accept-encoding in FF4 to "gzip,default"
  • There was no need to exclude FF 3.0 users. Lowering the minVersion to 3.0
  • if one prefs dialog is open and a new one shall be opened: focus the old one instead of doing nothing
  • Added "Proxy: " to the proxy label in the statusbar
  • created an about-JonDoFox (i.e. about:jondofox) entry in the settings menu
  • set privacy.sanitize.sanitizeOnShutdown to true in oder to delete Flash cookies on shutdown in FF4 (see: bug 290456)

Bugfixes:

  • fixed an issue concerning our searchbar deletion functionality in FF4
  • reset intl.accept_languages to default value if user has no proxy or custom one with no faked UA
  • repaired broken links in about-dialog.xul
  • give a warning popup in all cases a custom proxy is misconfigured

Changes in Version 0.2.7 - 2010-09-30

New Feature:

  • if someone sets a TabID (to track the user) it is deleted if the user surfs to a new domain

Minor improvement:

  • set browser.send_pings to false just in case a user enables it (by accident or whatever)
  • set plugin.expose_full_path to false to prevent the attacker from extracting the plugins' absolute path in the file system
  • set browser.zoom.siteSpecific to false to prevent an attacker from tracking users via their specific zoom settings
  • simplified the SafeCache code (got rid of the MD5-code and use now nsICryptoHash)
  • set network.websocket.enabled to false until we can reliably say whether this pref is harmless

Bugfixes:

  • corrected general.productsub.override to general.productSub.override
  • corrected "en-us" in general.appversion.override to "en-US"
  • corrected user agent update mechanism for JDF + FF 4 (now, updates of default UA prefs result in a update of the UA in the browser in any case if JDF is updated)

Changes in Version 0.2.6 - 2010-09-09

New Feature:

  • compatibility with FF4 (up to and including beta 4)
  • "extensions.jondofox.search_suggest_enabled" is set to "false" and disables the search suggestion feature in the browser
  • a JonDoFox feature page is shown during start-up of a new extension version and may be loaded if "Features" in the proxyswitcher menu is clicked; included an about:jondofox shortcut that is linked to our feature page
  • included a slightly enhanced version of Certificate Patrol to provide a better detection of MITM attacks
  • the search history is deleted after every 30 minutes now
  • the searchbar value (as well as the "UnDo" and "ReDo" ones) is deleted as soon as the user starts a search via the searchbar; this feature may be disabled using the extensions.jondofox.delete_searchbar preference

Minor improvement:

  • changes regarding network.http.accept.default are not ignored anymore
  • a HTTP/S-proxy is now configurable in the Tor proxy setting via about:config
  • optimized our referer logic
  • updated the proxyswitcher popup (got a tooltiptext, replaced "Anontest" and the mouse cursor changes while it hovers over the proxyswitcher text)
  • improved the about dialog (link to feature page included; links open in tabs now and are marked as such; mouse cursor changes while hovering over them)

Bugfixes:

  • adapted the text concerning the "referer-checkbox"
  • fixed a bug in the unmap() function of the preferences-mapper
  • the preference dialog is always shown using the flag "centerscreen" now
  • fixed a possible exception in our referrer code
  • fixed a bug in the proxy circumvention code
  • fixed a bug concerning the MIME detection we need for showing the proper warning overlay in the external helperapp dialog

Changes in Version 0.2.5 - 2010-05-19

New Feature:

  • included a 'pdf-warning' if a pdf-plugin is enabled; and added a help-button which opens a new Tab with the 'harden Adobe' text in our Wiki
  • show the JonDoFox download page if the user should update the profile and has not disabled the update warning
  • improved referrer logic: if 3rd party content is loaded the referrer is not modified
  • "extensions.jondofox.security.default_personal_cert" is set to "Ask Every Time" and makes thus sure that user certificates are not sent automatically to the server
  • "extensions.jondofox.security.remember_cert_checkbox_default_setting" is set to "false" and makes thus sure that the user is not sending a user certificate automatically during a session if she just clicks through the dialog once

Minor Improvement:

  • show only second-level domains in the NoScript menu (once a new version of the JonDoFox extension is found "extensions.jondofox.noscript_showDomain" is checked and if it is set to "false" only the second-level domains are shown)
  • updated the Tor User Agent and corrected Accept Headers while faking Tor
  • moved relevant functions to jondofox-utils

New XPCOM-Component:

  • safecache.js: moved SafeCache's functionality to an own component

Bugfixes:

  • fixed localization issues in about dialog
  • fixed leaking Accept Header
  • corrected a problem concerning rendering the external helperapp dialog

Changes in version 0.2.4.1 - 2010-01-25

Minor improvement:

  • removed loading of anontest automatically during startup if the user is trying to surf without a proxy

Changes in version 0.2.4 - 2010-01-21

New Features:

  • new referrer logic
  • included SafeCache's functionality
  • show anontest page on startup if no (proper) proxy is configured
  • there is now a new preference, extensions.jondofox.alwaysUseJonDo, which, if set to true, ignores the proxy used in the last session and lets the browser start always with JonDo; default is "false"
  • added a special overlay which is shown to the user if she wants to download a .doc or a .rtf file: OpenOffice.org shall be used for security's sake

New XPCOM component:

  • jondofox-utils.js: all the utility functions needed shall be stored here

Minor improvements:

  • excluded the warning regarding opening mailto-links
  • the modified unknowncontenttype dialog behaves more like the unmodified one; i.e. the settingschange element is hidden again if the Open-button is selected after the Save-button and the checkbox have been selected

Changes in verison 0.2.3 - 2009-11-10

New Features:

  • Minimized the need for updating the whole profile if there are changes in the extension
  • included several new warnings which may be disabled by the user:
  • update warnings (if the user has to update/enable the profile or some other extensions (NoScript, SafeCache))
  • preference warnings (in case the user modifies the recommended prefs and thus is not surfing securely anymore)
  • proxy warnings (if the user is not using a proper configured proxy or no proxy at all for her surfing)
  • 'Benutzerdefiniert' or 'Custom Proxy' is now shown in red letters as well if there is, despite its appearance, no properly configured proxy in use
  • The user may change the UA if she configures a custom proxy (not faked, the Tor-UA, JonDo-UA). If there is no proxy in use, the unfaked UA is sent if Tor the Tor one and if JonDo the JonDo UA
  • Improvement of the download of files without using a proxy (via the context menu). Now the user can be redirected to an other location and the download is not done using the Mix-cascades.
  • Warnings if the downloads files which may be opened by external apps
  • Prohibiting the option of opening files automatically with an external app
  • Improved the Custom Proxy dialog. It works now like the proxy settings panel in Firefox (remembering old values if the box 'Use settings for all protocols' is checked...)
  • If there is no appropriate Custom Proxy set but nevertheless used it is not possible to download files via the context menu: the bypassing proxy option is deactivated

Location Neutrality:

  • Preference for setting 'accept charsets' to 'text/html,application/xml,*/*'; this was necessary due to some yahoo pages which do not work with '*/*' anymore

Minor improvements:

  • Copied a icon in the root directory of the extension (icon.png) thus the JonDoFox icon is still shown even if the extension is disabled (Feature of Firefox 3.6)
  • modified a misleading log message in jondofox-gui.js

Changes in version 0.2.0 - 2009-05-xx:

New Features:

  • New Multi-Tabbed Configuration GUI
  • Updated User Agent Headers
  • Do not use proxy keep-alive connections

New Setting:

  • Boolean 'extensions.jondofox.disable_history': If the value is true, set 'browser.history_expire_days' to 0 on startup

Location Neutrality:

  • Override the default charset, but not to UTF-8
  • Replaced 'en' by 'en-us'
  • Equally accept all charsets by setting 'accept_charsets' to '*'

Changes in version 0.2b3 - 2008-10-24:

Compatibility:

  • Allowing RefControl if 'set_referrer' is set to false

Changes in version 0.2b2 - 2008-10-23:

New features:

  • Add an internal property for toggling referrer headers
  • Show JonDoFox homepage after extension upgrades

Changes in version 0.2b1 - 2008-10-20:

New features:

  • Clearing all cookies on every state change
  • Added a customizable proxy configuration to the proxy switcher
  • Set the 'Accept'-header of every request to '*/*'
  • Using different colors for different proxy states (red/black)
  • Added icons to the statusbar popup
  • Automatically restarting the browser after uninstalling other extensions

Changes in version 0.2a1 - 2008-09-16:

Major features:

  • Integrated a self-implemented proxy switcher

New XPCOM components:

  • preferences-observer.js: unify certain browser prefs for all users
  • referrer-forgery.js: always set the 'Referer' header to the current page
  • proxy-manager.js: transparent API for handling proxy settings
  • preferences-handler.js: transparent API for handling preferences

Minor new features:

  • Setting a customized JonDoFox title string to each window
  • Enforce certain cookie preferences
  • Disable the history on startup by default

Minor modifications:

  • Distributing the chrome folder as a .jar-archive now
  • Integrated compatibility for Firefox up to version 3.1a2
  • New license: modified BSD license

Changes in version 0.1a3 - 2008-08-05:

Minor modifications:

  • Modified instruction text
  • Optimized png's in file sizes

Changes in version 0.1a2 - 2008-08-01:

Major improvements:

  • Replaced jpg's used in instructions by png's with transparent background
  • Making use of locales (until now only de-DE and en-US is supported)
  • Compatibility to Firefox 2 by providing different versions of the file netError.xhtml and defining 'appversion' in chrome.manifest

Minor improvements:

  • Catching an uncaught exception that was thrown on 'view source code'
  • Removed 'contents.rdf' files since these are needed for backwards compatibility (to Firefox < 1.5) only

Changes in version 0.1a1 - 2008-07-29:

This is the initial version of the JonDoFox-Extension

Personal tools