From 0f635c76c3aa9bac97fe0f89d97b6b93b22cdeab Mon Sep 17 00:00:00 2001 From: Libor Polčák Date: Jun 19 2020 10:50:49 +0000 Subject: Reorganize web page * Do not show version history all the time * Show install option in the separate box --- diff --git a/docs/_includes/head.html b/docs/_includes/head.html index 6e184b8..f0461eb 100644 --- a/docs/_includes/head.html +++ b/docs/_includes/head.html @@ -15,16 +15,9 @@
  • Home page
  • Test page
  • Configuration
    • +
  • Version history
  • Permissions
  • Build from source
    • -
  • -

    Install

    - -
  • Source code
  • Open issues
  • Credits
    • diff --git a/docs/_includes/stores.md b/docs/_includes/stores.md new file mode 100644 index 0000000..d95735c --- /dev/null +++ b/docs/_includes/stores.md @@ -0,0 +1,6 @@ + +## Install JSR + +* [Firefox](https://addons.mozilla.org/en-US/firefox/addon/javascript-restrictor/) +* [Opera](https://addons.opera.com/en/extensions/details/javascript-restrictor/) +* [Chrome, other Chromium-based](https://chrome.google.com/webstore/detail/javascript-restrictor/ammoloihpcbognfddfjcljgembpibcmb) diff --git a/docs/_includes/versions.md b/docs/_includes/versions.md deleted file mode 100644 index 4799337..0000000 --- a/docs/_includes/versions.md +++ /dev/null @@ -1,48 +0,0 @@ - -# Release history - -## 0.3.1 - -* Improve compatibility with Chromium based browsers - -## 0.3 - -* Major code rewrite - make the code more modular, remove duplications -* Add wrappings inspired by [JavaScript Zero: Real JavaScript and Zero S -ide-Channel Attacks](https://misc0110.net/web/files/jszero.pdf) -* Network boundary shield prevents web pages to use the browser as a proxy between local network and the public Internet. See the [Force Point report](https://www.forcepoint.com/sites/default/files/resources/files/report-attacking-internal-network-en_0.pdf) for an example of the attack. The protection encapsulates the WebRequest API, so it captures all outgoing requests. -* Allow multiple custom levels -* Do not modify DOM of displayed pages (the modifications were detectable by the page scripts and may - reveal that the user is running JSR) -* Canvas fingerprinting: originally, only `toDataURL` was blocked. The extension now blocks `CanvasRenderingContext2D.prototype.getImageData` and `HTMLCanvasElement.prototype.toBlob`. -* Block additionaly methods to get performance data. -* Unfortunately, we do not migrate old settings as the levels were redesigned and several features - were removed. We expect to migrate previous settings in the future. -* Initial attempt to deal with a bug [https://bugzilla.mozilla.org/show_bug.cgi?id=1267027](https://bugzilla.mozilla.org/show_bug.cgi?id=1267027) but it - does not work completely as expected, yet. -* Make sure that calling toString on the wrapped function does not leak the wrapping code. -* Fix original canvas method leaks through iframes -* Do not allow page scripts to delete wrappers -* GUI rewritten. -* Do not open the main page after browser or extension update as it is irritating and may send a - signal that the user is tracked. -* *Removed feature* Do not change request HTTP headers. See the paper - FP-Scanner: The privacy implications of browser - fingerprint inconsistencies and pages like - [https://ghacksuserjs.github.io/TorZillaPrint/TorZillaPrint.html](https://ghacksuserjs.github.io/TorZillaPrint/TorZillaPrint.html). -* *Removed feature* GPS/location is not blocked anymore, we expect to reintroduce this feature in the future. - -## 0.2.1 - -* Fix `Date` wrapping that used to break some pages; `Date` wrapping code improved -* Improve `XMLHttpRequest` wrapping - -## 0.2 - -* Additional APIs that can be wrapped: - * `navigator` properties: `userAgent`, `vendor`, `platform`, `appVersion`, `oscpu`, `language`, `languages` - * `document` properties: `referrer` - -## 0.1 - -* Initial public version diff --git a/docs/_layouts/default.html b/docs/_layouts/default.html index 1690ee5..b9e7b73 100644 --- a/docs/_layouts/default.html +++ b/docs/_layouts/default.html @@ -8,7 +8,7 @@ -
    +
    {% comment %} See https://github.com/jekyll/jekyll/issues/6166#issuecomment-322771527 and for comments @@ -16,7 +16,7 @@ and https://help.shopify.com/en/themes/liquid {% endcomment %} {% capture md %} - {% include versions.md %} + {% include stores.md %} {% endcapture %} {{ md | markdownify }}
    diff --git a/docs/style.css b/docs/style.css index 97964e0..740d01c 100644 --- a/docs/style.css +++ b/docs/style.css @@ -60,35 +60,35 @@ section.logo img { margin-right: auto; } -nav.menu { +.menu { font-family: sans-serif; } @media (min-width: 601px) { - nav.menu { + .menu { padding-top: 3em; } } -nav.menu ul { +.menu ul { list-style-type: none; margin: 0; padding: 0; } -nav.menu { +.menu { background-color: #f7e032; } -nav.menu ul ul { +.menu ul ul { padding-left: 1em; } -nav.menu ul p:after { +.menu ul p:after { content: " »"; } -nav.menu ul a:visited, nav.menu ul a, nav.menu ul p { +.menu ul a:visited, .menu ul a, .menu h2 { color: black; display: block; text-decoration: none; @@ -99,21 +99,11 @@ nav.menu ul a:visited, nav.menu ul a, nav.menu ul p { margin: 0; } -nav.menu ul a:hover { +.menu ul a:hover { color: #f7e032; background-color: #6c6216; } -.versions { - background-color: #f7e032; - padding: 1em; -} - -.versions ul { - margin: 0.3em; - padding: 0; -} - section.content { text-align: justify; } diff --git a/docs/versions.md b/docs/versions.md new file mode 100644 index 0000000..4799337 --- /dev/null +++ b/docs/versions.md @@ -0,0 +1,48 @@ + +# Release history + +## 0.3.1 + +* Improve compatibility with Chromium based browsers + +## 0.3 + +* Major code rewrite - make the code more modular, remove duplications +* Add wrappings inspired by [JavaScript Zero: Real JavaScript and Zero S +ide-Channel Attacks](https://misc0110.net/web/files/jszero.pdf) +* Network boundary shield prevents web pages to use the browser as a proxy between local network and the public Internet. See the [Force Point report](https://www.forcepoint.com/sites/default/files/resources/files/report-attacking-internal-network-en_0.pdf) for an example of the attack. The protection encapsulates the WebRequest API, so it captures all outgoing requests. +* Allow multiple custom levels +* Do not modify DOM of displayed pages (the modifications were detectable by the page scripts and may + reveal that the user is running JSR) +* Canvas fingerprinting: originally, only `toDataURL` was blocked. The extension now blocks `CanvasRenderingContext2D.prototype.getImageData` and `HTMLCanvasElement.prototype.toBlob`. +* Block additionaly methods to get performance data. +* Unfortunately, we do not migrate old settings as the levels were redesigned and several features + were removed. We expect to migrate previous settings in the future. +* Initial attempt to deal with a bug [https://bugzilla.mozilla.org/show_bug.cgi?id=1267027](https://bugzilla.mozilla.org/show_bug.cgi?id=1267027) but it + does not work completely as expected, yet. +* Make sure that calling toString on the wrapped function does not leak the wrapping code. +* Fix original canvas method leaks through iframes +* Do not allow page scripts to delete wrappers +* GUI rewritten. +* Do not open the main page after browser or extension update as it is irritating and may send a + signal that the user is tracked. +* *Removed feature* Do not change request HTTP headers. See the paper + FP-Scanner: The privacy implications of browser + fingerprint inconsistencies and pages like + [https://ghacksuserjs.github.io/TorZillaPrint/TorZillaPrint.html](https://ghacksuserjs.github.io/TorZillaPrint/TorZillaPrint.html). +* *Removed feature* GPS/location is not blocked anymore, we expect to reintroduce this feature in the future. + +## 0.2.1 + +* Fix `Date` wrapping that used to break some pages; `Date` wrapping code improved +* Improve `XMLHttpRequest` wrapping + +## 0.2 + +* Additional APIs that can be wrapped: + * `navigator` properties: `userAgent`, `vendor`, `platform`, `appVersion`, `oscpu`, `language`, `languages` + * `document` properties: `referrer` + +## 0.1 + +* Initial public version