JonDoFox extension for Firefox
From JonDonym Wiki
(Difference between revisions)
Line 11: | Line 11: | ||
* activated browser history again (in FF4) as the :visited bug got fixed by Mozilla | * activated browser history again (in FF4) as the :visited bug got fixed by Mozilla | ||
− | * set extensions.update.autoUpdateDefault to false to stop unnecessary pings to Mozilla (FF4) | + | * set extensions.update.autoUpdateDefault and extensions.getAddons.cache.enabled to false to stop unnecessary pings to Mozilla (FF4) |
* changed english anontest homepage to ip-check.info | * changed english anontest homepage to ip-check.info | ||
* updated UA to match english FF 3.6.13 | * updated UA to match english FF 3.6.13 |
Revision as of 13:41, 24 February 2011
Changes in Version 0.2.8 - 2011-02-24
New Feature:
- full Firefox 4 compatibility
- included the DNT header
- included core Bloody Vikings functionality (getting a temporary email address easily)
Minor improvement:
- activated browser history again (in FF4) as the :visited bug got fixed by Mozilla
- set extensions.update.autoUpdateDefault and extensions.getAddons.cache.enabled to false to stop unnecessary pings to Mozilla (FF4)
- changed english anontest homepage to ip-check.info
- updated UA to match english FF 3.6.13
- allowed to enable/disable proxy keep-alive for custom proxies
- developed new overlay for FF >= 4.0b7pre as the statusbar is deprecated now (but the addon-bar is not used yet)
- updated the links to our new homepage and cleaned code in jondofox-gui.js
- fixed Firefox 4 issues with our netError.xhtml override
- set network.http.accept-encoding in FF4 to "gzip,default"
- There was no need to exclude FF 3.0 users. Lowering the minVersion to 3.0
- if one prefs dialog is open and a new one shall be opened: focus the old one instead of doing nothing
- Added "Proxy: " to the proxy label in the statusbar
- created an about-JonDoFox (i.e. about:jondofox) entry in the settings menu
- set privacy.sanitize.sanitizeOnShutdown to true in oder to delete Flash cookies on shutdown in FF4 (see: bug 290456)
Bug fixing:
- fixed an issue concerning our searchbar deletion functionality in FF4
- reset intl.accept_languages to default value if user has no proxy or custom one with no faked UA
- repaired broken links in about-dialog.xul
- give a warning popup in all cases a custom proxy is misconfigured
Changes in Version 0.2.7 - 2010-09-30
New Feature:
- if someone sets a TabID (to track the user) it is deleted if the user surfs to a new domain
Minor improvement:
- set browser.send_pings to false just in case a user enables it (by accident or whatever)
- set plugin.expose_full_path to false to prevent the attacker from extracting the plugins' absolute path in the file system
- set browser.zoom.siteSpecific to false to prevent an attacker from tracking users via their specific zoom settings
- simplified the SafeCache code (got rid of the MD5-code and use now nsICryptoHash)
- set network.websocket.enabled to false until we can reliably say whether this pref is harmless
Bug fixing:
- corrected general.productsub.override to general.productSub.override
- corrected "en-us" in general.appversion.override to "en-US"
- corrected user agent update mechanism for JDF + FF 4 (now, updates of default UA prefs result in a update of the UA in the browser in any case if JDF is updated)
Changes in Version 0.2.6 - 2010-09-09
New Feature:
- compatibility with FF4 (up to and including beta 4)
- "extensions.jondofox.search_suggest_enabled" is set to "false" and disables the search suggestion feature in the browser
- a JonDoFox feature page is shown during start-up of a new extension version and may be loaded if "Features" in the proxyswitcher menu is clicked; included an about:jondofox shortcut that is linked to our feature page
- included a slightly enhanced version of Certificate Patrol to provide a better detection of MITM attacks
- the search history is deleted after every 30 minutes now
- the searchbar value (as well as the "UnDo" and "ReDo" ones) is deleted as soon as the user starts a search via the searchbar; this feature may be disabled using the extensions.jondofox.delete_searchbar preference
Minor improvement:
- changes regarding network.http.accept.default are not ignored anymore
- a HTTP/S-proxy is now configurable in the Tor proxy setting via about:config
- optimized our referer logic
- updated the proxyswitcher popup (got a tooltiptext, replaced "Anontest" and the mouse cursor changes while it hovers over the proxyswitcher text)
- improved the about dialog (link to feature page included; links open in tabs now and are marked as such; mouse cursor changes while hovering over them)
Bug fixing:
- adapted the text concerning the "referer-checkbox"
- fixed a bug in the unmap() function of the preferences-mapper
- the preference dialog is always shown using the flag "centerscreen" now
- fixed a possible exception in our referrer code
- fixed a bug in the proxy circumvention code
- fixed a bug concerning the MIME detection we need for showing the proper warning overlay in the external helperapp dialog
Changes in Version 0.2.5 - 2010-05-19
New Feature:
- included a 'pdf-warning' if a pdf-plugin is enabled; and added a help-button which opens a new Tab with the 'harden Adobe' text in our Wiki
- show the JonDoFox download page if the user should update the profile and has not disabled the update warning
- improved referrer logic: if 3rd party content is loaded the referrer is not modified
- "extensions.jondofox.security.default_personal_cert" is set to "Ask Every Time" and makes thus sure that user certificates are not sent automatically to the server
- "extensions.jondofox.security.remember_cert_checkbox_default_setting" is set to "false" and makes thus sure that the user is not sending a user certificate automatically during a session if she just clicks through the dialog once
Minor Improvement:
- show only second-level domains in the NoScript menu (once a new version of the JonDoFox extension is found "extensions.jondofox.noscript_showDomain" is checked and if it is set to "false" only the second-level domains are shown)
- updated the Tor User Agent and corrected Accept Headers while faking Tor
- moved relevant functions to jondofox-utils
New XPCOM-Component:
- safecache.js: moved SafeCache's functionality to an own component
Bug fixing:
- fixed localization issues in about dialog
- fixed leaking Accept Header
- corrected a problem concerning rendering the external helperapp dialog
Changes in version 0.2.4.1 - 2010-01-25
Minor improvement:
- removed loading of anontest automatically during startup if the user is trying to surf without a proxy
Changes in version 0.2.4 - 2010-01-21
New Features:
- new referrer logic
- included SafeCache's functionality
- show anontest page on startup if no (proper) proxy is configured
- there is now a new preference, extensions.jondofox.alwaysUseJonDo, which, if set to true, ignores the proxy used in the last session and lets the browser start always with JonDo; default is "false"
- added a special overlay which is shown to the user if she wants to download a .doc or a .rtf file: OpenOffice.org shall be used for security's sake
New XPCOM component:
- jondofox-utils.js: all the utility functions needed shall be stored here
Minor improvements:
- excluded the warning regarding opening mailto-links
- the modified unknowncontenttype dialog behaves more like the unmodified one; i.e. the settingschange element is hidden again if the Open-button is selected after the Save-button and the checkbox have been selected
Changes in verison 0.2.3 - 2009-11-10
New Features:
- Minimized the need for updating the whole profile if there are changes in the extension
- included several new warnings which may be disabled by the user:
- update warnings (if the user has to update/enable the profile or some other extensions (NoScript, SafeCache))
- preference warnings (in case the user modifies the recommended prefs and thus is not surfing securely anymore)
- proxy warnings (if the user is not using a proper configured proxy or no proxy at all for her surfing)
- 'Benutzerdefiniert' or 'Custom Proxy' is now shown in red letters as well if there is, despite its appearance, no properly configured proxy in use
- The user may change the UA if she configures a custom proxy (not faked, the Tor-UA, JonDo-UA). If there is no proxy in use, the unfaked UA is sent if Tor the Tor one and if JonDo the JonDo UA
- Improvement of the download of files without using a proxy (via the context menu). Now the user can be redirected to an other location and the download is not done using the Mix-cascades.
- Warnings if the downloads files which may be opened by external apps
- Prohibiting the option of opening files automatically with an external app
- Improved the Custom Proxy dialog. It works now like the proxy settings panel in Firefox (remembering old values if the box 'Use settings for all protocols' is checked...)
- If there is no appropriate Custom Proxy set but nevertheless used it is not possible to download files via the context menu: the bypassing proxy option is deactivated
Location Neutrality:
- Preference for setting 'accept charsets' to 'text/html,application/xml,*/*'; this was necessary due to some yahoo pages which do not work with '*/*' anymore
Minor improvements:
- Copied a icon in the root directory of the extension (icon.png) thus the JonDoFox icon is still shown even if the extension is disabled (Feature of Firefox 3.6)
- modified a misleading log message in jondofox-gui.js
Changes in version 0.2.0 - 2009-05-xx:
New Features:
- New Multi-Tabbed Configuration GUI
- Updated User Agent Headers
- Do not use proxy keep-alive connections
New Setting:
- Boolean 'extensions.jondofox.disable_history': If the value is true, set 'browser.history_expire_days' to 0 on startup
Location Neutrality:
- Override the default charset, but not to UTF-8
- Replaced 'en' by 'en-us'
- Equally accept all charsets by setting 'accept_charsets' to '*'
Changes in version 0.2b3 - 2008-10-24:
Compatibility:
- Allowing RefControl if 'set_referrer' is set to false
Changes in version 0.2b2 - 2008-10-23:
New features:
- Add an internal property for toggling referrer headers
- Show JonDoFox homepage after extension upgrades
Changes in version 0.2b1 - 2008-10-20:
New features:
- Clearing all cookies on every state change
- Added a customizable proxy configuration to the proxy switcher
- Set the 'Accept'-header of every request to '*/*'
- Using different colors for different proxy states (red/black)
- Added icons to the statusbar popup
- Automatically restarting the browser after uninstalling other extensions
Changes in version 0.2a1 - 2008-09-16:
Major features:
- Integrated a self-implemented proxy switcher
New XPCOM components:
- preferences-observer.js: unify certain browser prefs for all users
- referrer-forgery.js: always set the 'Referer' header to the current page
- proxy-manager.js: transparent API for handling proxy settings
- preferences-handler.js: transparent API for handling preferences
Minor new features:
- Setting a customized JonDoFox title string to each window
- Enforce certain cookie preferences
- Disable the history on startup by default
Minor modifications:
- Distributing the chrome folder as a .jar-archive now
- Integrated compatibility for Firefox up to version 3.1a2
- New license: modified BSD license
Changes in version 0.1a3 - 2008-08-05:
Minor modifications:
- Modified instruction text
- Optimized png's in file sizes
Changes in version 0.1a2 - 2008-08-01:
Major improvements:
- Replaced jpg's used in instructions by png's with transparent background
- Making use of locales (until now only de-DE and en-US is supported)
- Compatibility to Firefox 2 by providing different versions of the file netError.xhtml and defining 'appversion' in chrome.manifest
Minor improvements:
- Catching an uncaught exception that was thrown on 'view source code'
- Removed 'contents.rdf' files since these are needed for backwards compatibility (to Firefox < 1.5) only
Changes in version 0.1a1 - 2008-07-29:
This is the initial version of the JonDoFox-Extension