JonDoFox extension for Firefox
From JonDonym Wiki
(Difference between revisions)
| Line 1: | Line 1: | ||
<iimg>[[JonDoFox extension for Firefox]]![[Image:en2.png]]</iimg><iimg>[[JonDoFox extension for Firefox/de]]![[Image:de2.png]]</iimg> [[Changelogs and Sources]] | <iimg>[[JonDoFox extension for Firefox]]![[Image:en2.png]]</iimg><iimg>[[JonDoFox extension for Firefox/de]]![[Image:de2.png]]</iimg> [[Changelogs and Sources]] | ||
| + | |||
| + | ====Changes in version 0.6.7.8==== | ||
| + | Date: 2016-01-19 | ||
| + | |||
| + | * general.useragent.override: | ||
| + | Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0 | ||
| + | |||
| + | * general.buildID.override: | ||
| + | (empty string) | ||
| + | |||
| + | * general.appversion.override | ||
| + | 5.0 (Windows) | ||
====Changes in version 0.6.7.7==== | ====Changes in version 0.6.7.7==== | ||
Revision as of 16:21, 19 January 2017
Changes in version 0.6.7.8
Date: 2016-01-19
- general.useragent.override:
Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0
- general.buildID.override:
(empty string)
- general.appversion.override
5.0 (Windows)
Changes in version 0.6.7.7
Date: 2016-08-13
- fix: error messages after network errors are now displayed correctly, again
Changes in version 0.6.7.6
Date: 2016-05-17
- font.blacklist.underline_offset was changed, so that no system fonts are disclosed any more
- network.http.accept-encoding.secure was changed, so that it - again - consequently prints "gzip, deflate"
Changes in version 0.6.7.4
Date: 2015-10-19
- Set multiprocessCompatible mark
- New TOR-Browser User-Agent
Changes in version 0.6.7.3
Date: 29.09.2015
- Profile-Update Check made dynamic
- Missing SSL-Observatory entrys from HttpsEverywhere 5.1.0 added
Changes in version 0.6.7.2
Date: 16.09.2015
- Compatibility till FF 43
Data privacy-settings added:
- Timing APIs deactivated
- Keyboard Fingerprinting denied
- Spekulatives Laden von Websites denied
- Web IDE deactivated
Changes in version 0.6.7.1
Date: 2015-09-10
- Mozilla signature
- Compatibility until FF 42
Changes in version 0.6.6.16
Date: 2015-06-17
- bump user agent fakes to the latest Firfox versions (38)
- always display insecure renegotation as broken (security.ssl.treat_unsafe_negotiation_as_broken: true)
- Disabled Javascript sharedWorker and upload of health report
- Fixed SSL Observatory by removing own implementation and force HTTPSEverywhere to use our proxy settings
- Updated secure/insecure SSL cipher because of Logjam attack
- Removed dispostable email services Spamavert and Trash-mail, because these service are not working anymore
- made weak cipher message clearer
- CookieController-Checkbox added for optionally enabling reload on switch
- set maxVersion to 42
Changes in version 0.6.6.15
Date: 2015-04-22
- Added options to enforce secure SSL settings
- Disabled heartbeat user rating system
- Bump user agent fakes to the latest Firefox versions
- Enforce Noscript ABE settings
Changes in version 0.6.6.14
Date: 2015-03-07
- reversed to 0.6.6.12 code due to various login problems
Changes in version 0.6.6.13
Date: 2015-03-05
- secured SSL settings for latest Firefox versions
- small bugfix for user agent fake for Firefox 36.0 (Win)
Changes in version 0.6.6.12
Date: 2015-02-26
- bugfix for cache management
- disabled SSL session identifiers for Firefox 36
- delete HSTS header in server responses to avoid HSTS tracking
- dont't enforce privacy.clearOnShutdown.siteSettings=true any more
- bump user agent fakes to the latest Firfox versions
- required JonDoFox profil is version 2.11.0
- small code cleanup
Changes in version 0.6.6.11
Date: 2015-01-15
- enabled dom.indexedDB.enabled for Firefox 35 because of a bug in Firefox (we recommend the usage of Firefox 31.4.0 ESR, which is not affected by the bug)
- small bugfix for about:jondofox page
- bump BuildID for JonDo user agent fake to the latest ESR version of Firefox
Changes in version 0.6.6.10
Date: 2015-01-12
- Bugfix for clear cache if proxy was switched.
- Disable sensors API and netinfo API.
- Clear site permissions on shutdown.
- Disable download of safebrowsing DB for FF 34.
- Bump user agent fake for Firefox (Win32) to FF34.
Changes in version 0.6.6.9
Date: 2014-10-22
- Disabled media.video_stats.enable, plugins.enumerable_names, experiments.supported, experiments.enabled, beacon.enabled and loop.enabled (FF34).
- Don't show MD5 fingerprints in CertificatePatrol dialogs.
- Set noscript.iframes.enabled to privacy relevant and observe it.
Changes in version 0.6.6.8
Date: 2014-10-17
- bugfix for preferences observer
Changes in version 0.6.6.7
Date: 2014-10-16
- Disabled insecure SSL cipher by default.
- Disabled Youtube ruleset in HTTPSEverywhere if insecure SSL cipher are disabled.
- Bump user agent fakes to the latest Firefox version.
- Set user agent fake for Tor to the new TorBrowser 4.0.
- Bugfix for CertificatePatrol in combination with Firefox 33.0
Changes in version 0.6.6.6
Date: 2014-10-09
- set places.history.enabled to false
Changes in version 0.6.6.3
Date: 2014-09-09
- bump user agent fakes to latest Firefox versions
- disabled safebrowsing
Changes in version 0.6.6.2
Date: 2014-08-28
- small bugfix for new tab config
Changes in version 0.6.6.1
Date: 2014-07-29
- allow installation of UnPlug</li>
- disable browser.safebrowsing.appRepURL
Changes in version 0.6.6
Date: 2014-07-24
- removed additional third party cookie protection because it is done CookieController
- enabled weak TLS cipher by default, because of many problems with websites
- bump user agent fakes to latest Firefox versions
Changes in version 0.6.5.2
Date: 2014-07-15
- Disabled additional third party cookie protection by default because of login problems on some large websites.
- Using Firefox ESR for custom Windows user agent fake, if Firefox 24.x is used.
Changes in version 0.6.5.1
Date: 2014-06-26
- bugfix for net error messages
Changes in version 0.6.5
Date: 2014-06-25
- Disabled weak SSL cipher and add an option to the preferences dialog to activate it if required.
Changes in version 0.6.4
Date: 2014-06-14
- Bump user-agent fakes to the latest Firefox release.
Changes in version 0.6.3.2
Date: 2014-05-17
- Enforce typeinference for Javascript only for content and not for chrome (Firefox > 26.0).
Changes in version 0.6.3.1
Date: 2014-05-09
- Disabled network.seer.enabled for Firefox 29 in JonDo and Tor mode.
Changes in version 0.6.3
Date: 2014-04-29
- Added additional third party cookie protection.
- Enforce some Javascript settings to improve security. It will slow down Javascript a little bit but not significantly.
- Disabled Mozilla snippet downloads.
- Enabled websockets for Firefox 29
- Bump user-agent fakes to the latest Firefox release.
Changes in version 0.6.2
Date: 2014-04-02
- Disabled websockets in JonDo mode and Tor more because of a bug in Firefox
- Enabled SPDY for no-proxy mode to match Firefox default settings
Changes in version 0.6.1
Date: 2014-03-02
- Enforce cache settings at startup and proxy switch
- Disabled media.cache, because it is written to disk
- Update JonDoFox and JonDoBrowser feature page
Changes in version 0.6.0.1
Date: 2014-03-19
- Bump user agent fake for Firefox (Win32) for custom proxy to Firefox 28
Changes in version 0.6
Date: 2014-03-17
- Disable all plugins but Flash for "no proxy" and "custom proxy" because plugin enumeration is used by fingerprinters
- Disabled Firefox formfill assistance for privacy reasons
- Do not add downloads to recent documents of Windows desktop to avoid traces on disk
- Disabled network.dns.disablePrefetch
- Clear DNS cache on proxy switch
- Disabled app.update.enabled for FreeBSD, NetBSD, OpenBSD to avoid useless connects to Mozilla
- Added option to config dialog for always set the proxy to JonDo on startup
- Added a function to reset all values to JonDoFox default by reset extensions.jondofox.firstStart and restart the browser
- Bump buildIDs for user agent fakes to latest Firefox esr
- several bugfixes
Changes in version 0.5.8
Date: 2014-02-27
- Remove all proxy exeptions, because it is risk for anonymity
- Improved Do-Not-Track handling (enforced for JonDo and Tor but configurable else)
- Enforce plug-in handling if JonDo-UA or Tor-UA was selected for custom proxy
- Remove setting of charset in HTTP header, because it is not send by Firefox (only code cleanup)
- Bump buildID for Windows-UA fake to latest Firefox 27.0
- Improved proxy error page and fixed OS specific download links for JonDo
Changes in version 0.5.7.1 (only JonDoBrowser)
Date: 2014-02-13
- set JonDoBrowser version to 0.13 for update hint
Changes in version 0.5.7
Date: 2014-02-10
- Added user agent fake for Firefox (Windows) to custom proxy configuration
- Disabled gamepad API because it will be enabled in FF 28 by default
- Clear site specific permissions on proxy switch
- Bump buildID for JonDoFox-UA to latest Firefox esr
Changes in version 0.5.6
Date: 2014-02-01
- Deaktivated Flash by default to avoid differnces between JonDoFox and JonDoBrowser
- Remove temp. Javascript permission if proxy was changed
- Forces image.http.accept to the value of FF24 to avoid differences if newer FF are used
- Updates for about:jondofox and about:jondobrowser pages
Changes in version 0.5.5
Date: 2014-01-21
- Added buildID of Firefox to UA fake, to make it more plausible
Changes in version 0.5.4
Date: 2014-01-16
- disabled Do-Not-Track in Tor mode
- small GUI cleanup in preferences dialog
Changes in version 0.5.3
Date: 2014-01-10
- disable clipboardevents to block access to the clipboard by Javascript
Changes in version 0.5.2
Date: 2013-12-27
- bugfix for German translation
Changes in version 0.5.1
Date: 2013-12-23
- set Tor user-agent to latest TorBrowser release
- bugfix for safebrowsing URLs
Changes in version 0.5
Date: 2013-12-09
- using return value of SSL observatory to generate a warning in case of issues
- change settings dialog for aditional checks of SSL certificates
- disable Certificate Patrol by default, but it may be used as an alternative for SSL observatory
- block HTTP-Auth tracking silent
Changes in version 0.4
Date: 2013-11-08
- Change the user agent fake for JonDo to Firefox 24 (Linux, i686)
- Proxy settings are configurable in about:config (for advanced user)
- Set SOCKS5 proxy for JonDo too.
Changes in version 0.3
Date: 2013-09-17
- secured proxy switch (close all tabs, delete crypto tokens, auth tokens, cache and image cache)
- removed disposable email provider Mailinator.com an added dispostable.com and trash-mail.com
Changes in version 0.2.29
Date: 2013-05-15
Minor improvement:
- removed query string in third party Referer headers due to possible information leaks
Bugfix:
- fixed broken image loading due to bad Accept header
Other:
- code clean-up
Changes in version 0.2.28
Date: 2013-04-02
Minor improvement:
- added UnPlug icon to the toolbar
- add-on bar is collapsed by default on Firefox >= 4
- disabled no-proxy-warning on start-up if JonDoBrowser is used
- disable WebRTC for JonDoFox users as it may compromise the anonymity
Bugfix:
- disable auto load of files with pdf/application MIME type already on first start of a new profile
- fixed bug in Referer spoofing logic
Other:
- code clean-up
- updated SSL Observatory certificate whitelist
Changes in version 0.2.27.1
Date: 2013-03-11
Bugfix:
- updated Tor user agent to match the default one in the Tor Browser
Other:
- bumped JonDoBrowser version to 0.5.1
Changes in version 0.2.27
Date: 2013-02-19
Minor improvement:
- prepared JonDoFox to work with automatic JonDoBrowser updates (on Linux first)
Other:
- code clean-up
Changes in version 0.2.26
Date: 2013-01-08
Minor improvement:
- updated about:jondobrowser help page
Bugfixes:
- worked around Authentication/Cache/Referer issue due to: https://bugzilla.mozilla.org/show_bug.cgi?id=811669
- replaced the removed getOriginatingURI() method with custom code
Other:
- code clean-up
Changes in version 0.2.25.1
Date: 2012-12-04
- bumped JonDoBrowser version to 0.3.1
Changes in version 0.2.25
Date: 2012-11-21 Minor improvements:
- disabled all plugins per default in JonDo mode if JonDoFox is used in JonDoBrowser
- enabled WebSockets as they don't bypass the proxy if used with an HTTP proxy
Bugfixes:
- added missing "extensions.jondofox.noscript_showDomain" preference
- let add-ons get updated automatically to provide timely security updates
- made JonDoFox compatible with Firefox 17 as we ourselves need to take care that no connection is kept alive now
- fixed wrong encoding header for Firefox < 4
Other:
- code clean-up
Changes in version 0.2.24.2
Date: 2012-10-28
- bumped JonDoBrowser version to 0.2.2
Changes in version 0.2.24.1 (JonDoBrowser on Windows only)
Date: 2012-10-22
- bumped JonDoBrowser version to 0.2.1
Changes in version 0.2.24
Date: 2012-10-09
Minor improvements:
- disabled "extensions.blocklist.enabled" in order to not allow Mozilla to disable one of our extensions and to avoid OS and kernel information leaks (see: https://trac.torproject.org/projects/tor/ticket/6734)
- slightly updated SSL Observatory code to match the HTTPS Everywhere 3.0 release
- improved english about:jondofox/about:jondobrowser translation (thanks to sovereignpress)
- bumped maxVersion to 17.*
Changes in version 0.2.23
Date: 2012-08-30
Minor improvements:
- updated Tor User Agent
- disabled "dom.network.enabled" to avoid sniffing of the connection type via JavaScript
- disabled the capturing of thumbnails for the New Page tab (set "browser.pagethumbnails.capturing_disabled" to true)
- made some explanations more precise/updated language strings
Other:
- added language strings for JonDoBrowser
Changes in version 0.2.22
Date: 2012-07-17
Minor improvements:
- new JonDoFox logo
- enhanced temporary e-mail feature in the context menu
- code clean-up
Changes in version 0.2.21
Date: 2012-06-05
Bugfixes:
- fixed corner case in HTTP-Authentication defense code
- fixed race condition in HTTP-Authentication defense code
- fixed variable redeclaration in CertPatrol code
Changes in version 0.2.20
Date: 2012-04-24
Minor improvements:
- improved HTTP-Authentication defense and notified user about possible tracking attempts
- adapted integrated SSL Observatory logic to reference implementation
- disabled SPDY by default
- disabled NavigationTiming API by default
Bugfixes:
- fixed small bug in Date spoofing code (saved TZ was reset during add-on upgrade)
- do not write to stderr/stdout if the debug preference is set to false
- fixed wrong HTTP header after switching from custom mode to Tor mode
- fixed loading of about:jondofox in every new window after upgrading JonDoFox
Other:
- code clean-up
Changes in version 0.2.19
Date: 2012-03-13
Minor improvements:
- implemented version check for JonDoBrowser
- resolved compatibility issue with Bookmark Autohider
- fixed some typos in german about:jondofox text
- added new pref that sets dom.battery.enabled to false
- set plugin notification preference according to the JonDoFox mode
Bugfix:
- repaired some possible null pointers
Changes in version 0.2.17.1
Date: 2012-02-03
Minor improvements:
- corrected CHANGELOG
- compatibility with profile 2.6.3
Changes in version 0.2.17
Date: 2012-01-31
Minor improvements:
- added positioning parameter to the JonDoFox menu popup to avoid loading the anontest unnecessarily
- made JonDoFox compatible with JonDoBrowser
- updated preferences to match Firefox 10 values
- set maxVersion to 12.0a1
Changes in version 0.2.16 - 2011-12-20
Minor improvement:
- added link to our wiki for further temporary e-mail services
Changes in version 0.2.15 - 2011-11-30
New Features:
- implemented protection against tracking via TLS Session Resumption
- using the TZ environment variable to deliver a uniform time zone in JonDonym and Tor mode (thanks to Torbutton for the idea)
Minor improvements:
- modified plugin feature to allow customizations in no proxy and custom proxy mode
- set maxVersion to 11.0a1
Bugfixes:
- corrected missing release date of 0.2.14.1 in CHANGELOG
- repaired possible null pointer in overlay code
Changes in version 0.2.14.1 - 2011-11-09
Bugfix:
- disabled plugins are not enabled automatically anymore if the Plugin feature is not used
Changes in version 0.2.14 - 2011-11-08
New Feature:
- option to disable all plugins but Flash in JonDo mode; included a hidden option (extensions.jondofox.disableAllPluginsJonDoMode) to disable even Flash; all plugins are disabled in Tor mode by default and enabled in no-proxy mode; in custom-proxy mode the behavior depends on the chosen UA
Minor Improvements:
- improved change dialog for CertPatrol (uniform coloring of old (red) and new attributes (green))
- improved error page for Windows users
- raised maxVersion of JonDoFox to Firefox 10.0a1
Bugfixes:
- fixed wrong sent FF version to Google's safebrowsing server
- fixed wrong entity for JonDo Mac image link in german language file
Changes in version 0.2.13 - 2011-09-27
Minor improvement:
- greatly improved CertPatrol change cert/new cert dialog
- included CertPatrol (2.0.12) code to check third party SSL certificates
- restricted browser.sessionhistory.max_entries to 2 due to fingerprinting issues (only for Firefox >= 4)
- slightly enhanced window.name logic (no removal of window.name id in 3rd party contexts without Referrer anymore)
- made JonDoFox compatible with Firefox up to 9.*
Bugfixes:
- fixed OCSP problem while having SafeCache activated
- spoofed network.http.accept.default properly for Tor mode
- fixed encoding bug (now gzip, deflate is properly used)
- fixed CHANGELOG file: added missing custom font deactivation in profile 2.5.3
- fixed not working pref dialog opened via about:addons/the tools menu
Changes in version 0.2.12 - 2011-08-19
Bugfixes:
- fixed HTTP Authentication tracking problem for FF 3.6.*
Changes in version 0.2.11 - 2011-08-16
Bugfixes:
- fixed problem that http auth protection got not disabled if SafeCache protection is disabled
Changes in version 0.2.10 - 2011-08-16
New Feature:
- mitigating tracking risks related to HTTP Authentication
Minor improvement:
- new User Agent
- enhanced confusing error page that shows up while retrieving TLS content without being connected to a cascade
- added (correct) API link to observatory context help again
- better handling of context help dialogs if a link got clicked (the popup is closed in this case)
- no Accept-Charset header will be sent anymore as it is done in FF6 by default
- enhanced SafeCache logic
- new Tor User Agent
- exchanged methods to handle JSON due to https://bugzilla.mozilla.org/show_bug.cgi?id=645922
Bugfixes:
- removing port values now before comparing the Referer URL with the one actually surfed in order to decide whether to spoof the Referer or not
Changes in version 0.2.9.1 - 2011-06-21
Bugfixes:
- removed dead link from the observatory context help
- fixed link error in start help page on MacOS
Changes in version 0.2.9 - 2011-06-20
New Feature:
- implemented code to help the EFF regarding their distributed SSL observatory (see: https://www.eff.org/observatory)
Minor improvement:
- option to autostart of JonDo if it is not already started
- JonDoFox toolbar button is available (and automatically installed on Firefox >= 4) now
- vastly improved error page that comes up if one wants to surf but JonDo is not yet available
- disabled webgl.disabled due to security issues
- made safebrowsing moz:client and LOCALE settings uniform
- set dom.indexedDB.enabled to "false" due to tracking risks
- it is now possible to deactivate the temporary e-mail feature.
- replaced two temporary E-mail services (trash-mail.com and dispostable.com) with mailforspam.com and spamavert.com
- improved warning dialog if a user starts without a valid proxy or is trying to choose one later
- no empty tab anymore while displaying about:jondofox or download pages of missing or disabled add-ons or the ip check
- set feed handler to "bookmarks" if the respective handler is set to "reader" and the respective default handler to "client"
Bugfixes:
- fixed a bug in the request observer (some corner cases did not get treated properly by our SafeCache and Referer spoofing logic due to it)
- corrected some glitches in JonDoFox' popup menu on Windows and MacOS
Changes in version 0.2.8.4 - 2011-03-28
Bugfixes:
- exclude passwords while deleting browser history related data via privacy.sanitize.sanitizeOnShutdown
Changes in version 0.2.8.3 - 2011-03-23
Minor improvement:
- set privacy.sanitize.sanitizeOnShutdown back to true again but excluded visited page history (due to NoScript's STS feature) and included passwords and offline apps
- collapsed Gopher row in prefs-dialog if FF4 is used
- updated JonDoFox profile update message
- changed anontest and german profile update URL
Bugfixes:
- if no add-on is activating the addon bar JDF is not displayed; now we are activating it ourselves if necessary
Changes in version 0.2.8.2 - 2011-03-02
Minor improvement:
- if Cookie Monster is missing, a tab opens the correct add-on to install (unfortunately there are two with the same name)
Bugfixes:
- set privacy.sanitize.sanitizeOnShutdown back to false due to compatibility issues with NoScript's STS implementation.
- a warning is shown in FF4 now as well, if NoScript is disabled
Changes in version 0.2.8.1 - 2011-02-25
Bugfixes:
- reverted UA to old one due to compatibility issues with stable JonDo
Changes in Version 0.2.8 - 2011-02-24
New Feature:
- full Firefox 4 compatibility
- included the DNT header
- included core Bloody Vikings functionality (getting a temporary email address easily)
Minor improvement:
- activated browser history again (in FF4) as the :visited bug got fixed by Mozilla
- set extensions.update.autoUpdateDefault and extensions.getAddons.cache.enabled to false to stop unnecessary pings to Mozilla (FF4)
- changed english anontest homepage to ip-check.info
- updated UA to match english FF 3.6.13
- allowed to enable/disable proxy keep-alive for custom proxies
- developed new overlay for FF >= 4.0b7pre as the statusbar is deprecated now (but the addon-bar is not used yet)
- updated the links to our new homepage and cleaned code in jondofox-gui.js
- fixed Firefox 4 issues with our netError.xhtml override
- set network.http.accept-encoding in FF4 to "gzip,default"
- There was no need to exclude FF 3.0 users. Lowering the minVersion to 3.0
- if one prefs dialog is open and a new one shall be opened: focus the old one instead of doing nothing
- Added "Proxy: " to the proxy label in the statusbar
- created an about-JonDoFox (i.e. about:jondofox) entry in the settings menu
- set privacy.sanitize.sanitizeOnShutdown to true in oder to delete Flash cookies on shutdown in FF4 (see: bug 290456)
Bugfixes:
- fixed an issue concerning our searchbar deletion functionality in FF4
- reset intl.accept_languages to default value if user has no proxy or custom one with no faked UA
- repaired broken links in about-dialog.xul
- give a warning popup in all cases a custom proxy is misconfigured
Changes in Version 0.2.7 - 2010-09-30
New Feature:
- if someone sets a TabID (to track the user) it is deleted if the user surfs to a new domain
Minor improvement:
- set browser.send_pings to false just in case a user enables it (by accident or whatever)
- set plugin.expose_full_path to false to prevent the attacker from extracting the plugins' absolute path in the file system
- set browser.zoom.siteSpecific to false to prevent an attacker from tracking users via their specific zoom settings
- simplified the SafeCache code (got rid of the MD5-code and use now nsICryptoHash)
- set network.websocket.enabled to false until we can reliably say whether this pref is harmless
Bugfixes:
- corrected general.productsub.override to general.productSub.override
- corrected "en-us" in general.appversion.override to "en-US"
- corrected user agent update mechanism for JDF + FF 4 (now, updates of default UA prefs result in a update of the UA in the browser in any case if JDF is updated)
Changes in Version 0.2.6 - 2010-09-09
New Feature:
- compatibility with FF4 (up to and including beta 4)
- "extensions.jondofox.search_suggest_enabled" is set to "false" and disables the search suggestion feature in the browser
- a JonDoFox feature page is shown during start-up of a new extension version and may be loaded if "Features" in the proxyswitcher menu is clicked; included an about:jondofox shortcut that is linked to our feature page
- included a slightly enhanced version of Certificate Patrol to provide a better detection of MITM attacks
- the search history is deleted after every 30 minutes now
- the searchbar value (as well as the "UnDo" and "ReDo" ones) is deleted as soon as the user starts a search via the searchbar; this feature may be disabled using the extensions.jondofox.delete_searchbar preference
Minor improvement:
- changes regarding network.http.accept.default are not ignored anymore
- a HTTP/S-proxy is now configurable in the Tor proxy setting via about:config
- optimized our referer logic
- updated the proxyswitcher popup (got a tooltiptext, replaced "Anontest" and the mouse cursor changes while it hovers over the proxyswitcher text)
- improved the about dialog (link to feature page included; links open in tabs now and are marked as such; mouse cursor changes while hovering over them)
Bugfixes:
- adapted the text concerning the "referer-checkbox"
- fixed a bug in the unmap() function of the preferences-mapper
- the preference dialog is always shown using the flag "centerscreen" now
- fixed a possible exception in our referrer code
- fixed a bug in the proxy circumvention code
- fixed a bug concerning the MIME detection we need for showing the proper warning overlay in the external helperapp dialog
Changes in Version 0.2.5 - 2010-05-19
New Feature:
- included a 'pdf-warning' if a pdf-plugin is enabled; and added a help-button which opens a new Tab with the 'harden Adobe' text in our Wiki
- show the JonDoFox download page if the user should update the profile and has not disabled the update warning
- improved referrer logic: if 3rd party content is loaded the referrer is not modified
- "extensions.jondofox.security.default_personal_cert" is set to "Ask Every Time" and makes thus sure that user certificates are not sent automatically to the server
- "extensions.jondofox.security.remember_cert_checkbox_default_setting" is set to "false" and makes thus sure that the user is not sending a user certificate automatically during a session if she just clicks through the dialog once
Minor Improvement:
- show only second-level domains in the NoScript menu (once a new version of the JonDoFox extension is found "extensions.jondofox.noscript_showDomain" is checked and if it is set to "false" only the second-level domains are shown)
- updated the Tor User Agent and corrected Accept Headers while faking Tor
- moved relevant functions to jondofox-utils
New XPCOM-Component:
- safecache.js: moved SafeCache's functionality to an own component
Bugfixes:
- fixed localization issues in about dialog
- fixed leaking Accept Header
- corrected a problem concerning rendering the external helperapp dialog
Changes in version 0.2.4.1 - 2010-01-25
Minor improvement:
- removed loading of anontest automatically during startup if the user is trying to surf without a proxy
Changes in version 0.2.4 - 2010-01-21
New Features:
- new referrer logic
- included SafeCache's functionality
- show anontest page on startup if no (proper) proxy is configured
- there is now a new preference, extensions.jondofox.alwaysUseJonDo, which, if set to true, ignores the proxy used in the last session and lets the browser start always with JonDo; default is "false"
- added a special overlay which is shown to the user if she wants to download a .doc or a .rtf file: OpenOffice.org shall be used for security's sake
New XPCOM component:
- jondofox-utils.js: all the utility functions needed shall be stored here
Minor improvements:
- excluded the warning regarding opening mailto-links
- the modified unknowncontenttype dialog behaves more like the unmodified one; i.e. the settingschange element is hidden again if the Open-button is selected after the Save-button and the checkbox have been selected
Changes in verison 0.2.3 - 2009-11-10
New Features:
- Minimized the need for updating the whole profile if there are changes in the extension
- included several new warnings which may be disabled by the user:
- update warnings (if the user has to update/enable the profile or some other extensions (NoScript, SafeCache))
- preference warnings (in case the user modifies the recommended prefs and thus is not surfing securely anymore)
- proxy warnings (if the user is not using a proper configured proxy or no proxy at all for her surfing)
- 'Benutzerdefiniert' or 'Custom Proxy' is now shown in red letters as well if there is, despite its appearance, no properly configured proxy in use
- The user may change the UA if she configures a custom proxy (not faked, the Tor-UA, JonDo-UA). If there is no proxy in use, the unfaked UA is sent if Tor the Tor one and if JonDo the JonDo UA
- Improvement of the download of files without using a proxy (via the context menu). Now the user can be redirected to an other location and the download is not done using the Mix-cascades.
- Warnings if the downloads files which may be opened by external apps
- Prohibiting the option of opening files automatically with an external app
- Improved the Custom Proxy dialog. It works now like the proxy settings panel in Firefox (remembering old values if the box 'Use settings for all protocols' is checked...)
- If there is no appropriate Custom Proxy set but nevertheless used it is not possible to download files via the context menu: the bypassing proxy option is deactivated
Location Neutrality:
- Preference for setting 'accept charsets' to 'text/html,application/xml,*/*'; this was necessary due to some yahoo pages which do not work with '*/*' anymore
Minor improvements:
- Copied a icon in the root directory of the extension (icon.png) thus the JonDoFox icon is still shown even if the extension is disabled (Feature of Firefox 3.6)
- modified a misleading log message in jondofox-gui.js
Changes in version 0.2.0 - 2009-05-xx:
New Features:
- New Multi-Tabbed Configuration GUI
- Updated User Agent Headers
- Do not use proxy keep-alive connections
New Setting:
- Boolean 'extensions.jondofox.disable_history': If the value is true, set 'browser.history_expire_days' to 0 on startup
Location Neutrality:
- Override the default charset, but not to UTF-8
- Replaced 'en' by 'en-us'
- Equally accept all charsets by setting 'accept_charsets' to '*'
Changes in version 0.2b3 - 2008-10-24:
Compatibility:
- Allowing RefControl if 'set_referrer' is set to false
Changes in version 0.2b2 - 2008-10-23:
New features:
- Add an internal property for toggling referrer headers
- Show JonDoFox homepage after extension upgrades
Changes in version 0.2b1 - 2008-10-20:
New features:
- Clearing all cookies on every state change
- Added a customizable proxy configuration to the proxy switcher
- Set the 'Accept'-header of every request to '*/*'
- Using different colors for different proxy states (red/black)
- Added icons to the statusbar popup
- Automatically restarting the browser after uninstalling other extensions
Changes in version 0.2a1 - 2008-09-16:
Major features:
- Integrated a self-implemented proxy switcher
New XPCOM components:
- preferences-observer.js: unify certain browser prefs for all users
- referrer-forgery.js: always set the 'Referer' header to the current page
- proxy-manager.js: transparent API for handling proxy settings
- preferences-handler.js: transparent API for handling preferences
Minor new features:
- Setting a customized JonDoFox title string to each window
- Enforce certain cookie preferences
- Disable the history on startup by default
Minor modifications:
- Distributing the chrome folder as a .jar-archive now
- Integrated compatibility for Firefox up to version 3.1a2
- New license: modified BSD license
Changes in version 0.1a3 - 2008-08-05:
Minor modifications:
- Modified instruction text
- Optimized png's in file sizes
Changes in version 0.1a2 - 2008-08-01:
Major improvements:
- Replaced jpg's used in instructions by png's with transparent background
- Making use of locales (until now only de-DE and en-US is supported)
- Compatibility to Firefox 2 by providing different versions of the file netError.xhtml and defining 'appversion' in chrome.manifest
Minor improvements:
- Catching an uncaught exception that was thrown on 'view source code'
- Removed 'contents.rdf' files since these are needed for backwards compatibility (to Firefox < 1.5) only
Changes in version 0.1a1 - 2008-07-29:
This is the initial version of the JonDoFox-Extension
