summaryrefslogtreecommitdiff
path: root/src/xss
Commit message (Expand)AuthorAgeFilesLines
* [XSS] Updated HTML5 events.hackademix2020-04-161-1/+1
* [XSS] Prevent DOS detection from being triggered for already aborted requests...hackademix2020-03-011-12/+36
* [XSS] More accurate base64 checks on hash.hackademix2020-02-291-7/+7
* Refactored XSS filter into an asynchronous worker to better handle DOS attempts.hackademix2020-02-294-59/+152
* [XSS] Abort on InjectionChecker timeouts.hackademix2020-02-101-1/+1
* [XSS] Updated recognized HTML events.hackademix2020-01-301-1/+1
* [XSS] Updated HTML 5 events inventory.hackademix2019-11-151-1/+1
* Fixed false positive (property assignment).hackademix2019-10-251-1/+2
* [XSS] Updated HTML5 events.hackademix2019-09-261-1/+1
* Removed XSS prompt for timeouts.hackademix2019-09-241-1/+1
* [XSS] Fix false positives due to overzealous HTML attribute checking.hackademix2019-08-021-2/+2
* [XSS] Enable InjectionChecker logging when debugging mode is on.hackademix2019-08-022-4/+4
* [XSS] Fixed false positives with parameters named "src".hackademix2019-06-241-1/+1
* Further JSON reduction optimizations.hackademix2019-05-281-4/+3
* Make XSS timeouts fatal and reported.hackademix2019-05-281-1/+2
* Fixed JSON parsing preamble regression.hackademix2019-05-281-1/+2
* XSS Filter made further asynchronous, prevents freezes on complex JSON payloads.hackademix2019-05-272-123/+147
* Updated InjectionChecker's HTML5 events.hackademix2019-05-221-1/+1
* Removed work-around for https://bugzilla.mozilla.org/show_bug.cgi?id=1532530...hackademix2019-05-221-15/+2
* Work-around for potential issues with legacy prefs.hackademix2019-03-281-3/+5
* Merge branch 'chromium' into merge/chromiumhackademix2019-03-272-5/+6
|\
| * Remove usage of non-standard Array methods.hackademix2019-02-011-5/+4
| * Fallback XSS filtering to XSS Auditor since asynchronous webRequest handlers ...hackademix2019-02-011-0/+2
* | Better detection of privileged URLs in the XSS filter.hackademix2019-03-241-0/+3
* | Improved unscanned POST blocking.hackademix2019-03-201-2/+2
* | Fixed searches from the url bar causing XSS warnings in the Tor Browser.hackademix2019-03-191-1/+3
* | Selective handling of Tor Browser options and work-around for https://bugzill...hackademix2019-03-141-3/+15
* | Updated event names handled by InjectionChecker.hackademix2019-03-141-1/+1
|/
* [XSS] Updated known HTML events lists.hackademix2018-12-261-1/+1
* [XSS] Updated HTML5 events matching.hackademix2018-09-261-1/+1
* [XSS] Updated known HTML5 events.hackademix2018-09-141-1/+1
* Further CSP refactoring and removal of obsolete fallbacks.hackademix2018-08-271-1/+1
* Fixed typo in XSS name sanitization script injection (thanks skriptimaahinen).hackademix2018-08-231-1/+1
* [XSS] Updated HTML events matching generation to use both latest Mozilla sour...hackademix2018-08-181-2/+2
* Removed all references to RequestUtil.js and dependancies.hackademix2018-08-183-7/+13
* [XSS] Updated HTML event attributes matching.hackademix2018-07-261-1/+1
* [XSS] Updated HTML events matching.hackademix2018-07-241-1/+1
* [XSS] Fixed anti-HPP coalescing wrongly applied to POST requests causing JSON...hackademix2018-07-121-2/+2
* XSS filter autoupdated to latest HTML events supported by the browserhackademix2018-07-031-1/+1
* Initial commit starting at version 10.1.8.3rc4.hackademix2018-07-016-0/+2472