1.3.3

What's Changed

• Update expected AMP redirection URL by @kzar in #220

Full Changelog: 1.3.2...1.3.3

1.3.2

What's Changed

• Create reach-calculator.html by @tagawa in #190
• Update reach-calculator.html by @tagawa in #191
• Update breakage reach calculator by @tagawa in #193
• Add website that auto-refreshes every 3 seconds by @bwaresiak in #192
• Update app scheme target to spreadprivacy. by @not-a-rootkit in #194
• Re-add js-page-rewrite into address bar spoofing issues. by @not-a-rootkit in #195
• Re-add js-page-rewrite to index page. by @not-a-rootkit in #196
• Favicon test pages by @federicocappelli in #198
• Bump eslint-plugin-import from 2.27.5 to 2.28.0 by @dependabot in #164
• Bump ws from 7.5.9 to 8.13.0 by @dependabot in #159
• Re-add content-scope-scripts by @jonathanKingston in #199
• Reach calculator: Improve reduction assumption explanation by @tagawa in #205
• Testing popup behavior and security and privacy issues by @mikamikem in #197
• Exempt Safari and WebKit-based DDG browsers from using serverTiming by @englehardt in #206
• Open details on ad click test page by default by @englehardt in #207
• Add URL canonicalization tests. by @not-a-rootkit in #208
• Add pages to simulate HTTP and WebView errors by @nshuba in #209
• Update vox amp link by @SlayterDev in #210
• Added clarification of the Severity Assessment Matrix section by @tagawa in #211
• create separate signup form for ui testing by @brindy in #213
• add manual increment button by @brindy in #216
• Add extra phishing detection test pages by @not-a-rootkit in #217
• Remove ampproject.org link from test page by @SlayterDev in #218
• Add expected pixels to ad click attribution test cases by @kzar in #219

New Contributors

• @tagawa made their first contribution in #190
• @federicocappelli made their first contribution in #198
• @mikamikem made their first contribution in #197
• @nshuba made their first contribution in #209

Full Changelog: 1.3.1...1.3.2

1.3.1

What's Changed

• Add print demo page by @jonathanKingston in #186
• Add same frame single page test by @jonathanKingston in #187
• Windows Browser: Script Injection test pages by @RendijsSmukulis in #185
• Add AMP loop protection page by @SlayterDev in #182
• Add autofill case with disabled inputs by @GioSensation in #189

Full Changelog: 1.3.0...1.3.1

1.3.0

What's Changed

• Add storage test for setting a cookie via the cookieStore API in a serviceworker by @sammacbeth in #166
• Update README.md by @kdzwinel in #167
• Add Address Bar Spoofing Test Cases by @not-a-rootkit in #169
• Rename js-page-rewrite, and unsupported application scheme. by @not-a-rootkit in #171
• Update links between security tests and reduce timeout on address bar spoofing via tel:// protocol. by @not-a-rootkit in #172
• Add ability to disable individual FP tests via url param. by @kdzwinel in #173
• Add test for surrogate included in head tag by @sammacbeth in #170
• Update download URL to include a HTTP redirect in spoof-js-download-url by @not-a-rootkit in #175
• Add password update flows by @GioSensation in #176
• Improve usability of the surrogate script test page by @kzar in #178
• Add local 301 redirect for address bar spoofing test case. by @not-a-rootkit in #179
• Move address bar spoofing server routes out of server.js by @not-a-rootkit in #180
• Add viewport test pages by @muodov in #177
• Rewrite download path URL to prevent URI clashes by @not-a-rootkit in #181
• Autofill shadow dom test page by @GioSensation in #183
• Autofill shadow dom follow up by @GioSensation in #184

New Contributors

• @not-a-rootkit made their first contribution in #169

Full Changelog: 1.2.2...1.3.0

1.2.2

What's Changed

• Add detection for WebMidi and Window Placement APIs by @muodov in #162
• Migrate app off glitch.me onto own hosted infra by @KeaganJarvis in #165
• Update AMP test page expected URL by @joshliebe in #168

New Contributors

• @KeaganJarvis made their first contribution in #165
• @joshliebe made their first contribution in #168

Full Changelog: 1.2.1...1.2.2

1.2.1

What's Changed

• Remove 404'd AMP link by @SlayterDev in #161
• Update AMP test page expected URL by @sammacbeth in #163

Full Changelog: 1.2.0...1.2.1

1.2.0

What's Changed

• Clear data page. by @kdzwinel in #107
• Bump node-cmd from 4.0.0 to 5.0.0 by @dependabot in #140
• Bump eslint-plugin-promise from 4.3.1 to 6.1.1 by @dependabot in #141
• Bump body-parser from 1.20.1 to 1.20.2 by @dependabot in #142
• Bump ws from 7.4.0 to 8.13.0 by @dependabot in #143
• Bump @duckduckgo/content-scope-scripts from 4.5.0 to 4.6.0 by @dependabot in #144
• Bump @duckduckgo/content-scope-scripts from 4.6.0 to 4.10.1 by @dependabot in #148
• Ignore scripts on install, move C-S-S to be a build dep by @jonathanKingston in #150
• Remove eslint-plugin-promise as is a conflicting peer dep by @jonathanKingston in #151
• Add anchors to ad click test cases by @englehardt in #153
• password generation test page by @szanto90balazs in #154
• Add support for ad cookie checking by @jonathanKingston in #158
• Bump @duckduckgo/content-scope-scripts from 4.11.1 to 4.13.0 by @dependabot in #157

Full Changelog: 1.1.0...1.2.0

1.1.0

What's Changed

• Update node and nvm by @jonathanKingston in #124
• Revert node version to 16 by @jonathanKingston in #125
• update site option test by @jdorweiler in #126
• fix mixed content by @jdorweiler in #127
• test page for API attribution by @muodov in #128
• AdClick tests to validate non-302 redirects by @RendijsSmukulis in #129
• Verifies basic runtime checking is enabled by @jonathanKingston in #131
• Expand element hiding privacy test page by @dharb in #130
• Shared content scope page tests also used for integration tests by @jonathanKingston in #132
• Bump eslint-plugin-html from 6.1.1 to 7.1.0 by @dependabot in #133
• Bump express from 4.17.1 to 4.18.2 by @dependabot in #135
• Install dependencies after deploy by @kdzwinel in #138
• Bump eslint-config-standard from 16.0.2 to 16.0.3 by @dependabot in #134
• Bump eslint from 7.20.0 to 7.32.0 by @dependabot in #136
• Bump eslint-plugin-import from 2.22.1 to 2.27.5 by @dependabot in #137

New Contributors

• @RendijsSmukulis made their first contribution in #129
• @dependabot made their first contribution in #133

Full Changelog: 1.0.0...1.1.0

1.0.0

What's Changed

• Geolocation API test (+ a bit of a clean up) by @kdzwinel in #1
• Add dos reload site by @marcosholgado in #2
• load via images by @brindy in #3
• tidy up, surrogate and links pages by @brindy in #4
• Rename 1major-with-surrrogate.html to 1major-with-surrogate.html by @schaafjs in #5
• Add fetch test page by @SlayterDev in #6
• add url spoofing page by @CDRussell in #7
• Add custom URL schemes and text edit area pages. by @brindy in #8
• Add android intent URLs by @marcosholgado in #10
• Privacy protections - request blocking by @kdzwinel in #11
• Privacy Protection Test Pages: Fingerprinting 👆 by @kdzwinel in #12
• Storage Blocking Page by @kdzwinel in #13
• Referrer Trimming test page by @kdzwinel in #14
• HTTPS Upgrades Test Page by @kdzwinel in #15
• Add endpoint for auto update via GH hooks. by @kdzwinel in #17
• Expand readme, add templates, do a bit of a clean up by @kdzwinel in #16
• Storage test site - correctly set a 3p cookie from an iframe. by @kdzwinel in #18
• Privacy test pages - small fixes by @kdzwinel in #19
• Request Blocking - improve detection of loaded request by @kdzwinel in #20
• Add page for logging various API stack traces. by @jonathanKingston in #21
• Add crawler detection page by @sammacbeth in #22
• Add storage test for cookies set from a 3rd party script. by @sammacbeth in #24
• Add more canvas fingerprinting tests by @jonathanKingston in #23
• Add ESLint standard config by @jonathanKingston in #26
• Apply linting to inline scripts by @jonathanKingston in #27
• Use Github Actions for npm test by @kdzwinel in #29
• Adding in a canvas drawing checker by @jonathanKingston in #25
• Facebook click to load test page by @Charlie-belmer in #28
• Use a tracker, non-blocked domain for setting test cookie by @sammacbeth in #31
• Surrogates test by @jdorweiler in #32
• Adding audio fingerprinting by @jonathanKingston in #30
• CSP Extension ID leak PoC by @sammacbeth in #35
• Add download features page by @jonathanKingston in #36
• Iframe downloading by @jonathanKingston in #37
• Add fonts test case by @jonathanKingston in #38
• Fix spelling of "immediately" by @ruscoe in #39
• Update observer to check duration and filter failed loads by @Charlie-belmer in #41
• Ctl iFrame by @Charlie-belmer in #42
• Check if we can load a surrogate even if the integrity mismatches. by @jonathanKingston in #43
• Add autofill test pages by @GioSensation in #44
• Add another autofill test case by @GioSensation in #45
• Fix typo in autofill test by @GioSensation in #46
• Add navigator.sendBeacon to request blocking checks. by @kdzwinel in #47
• Check message origin when retreiving iframe storage results by @sammacbeth in #49
• Wait for git to finish before restarting the app. by @kdzwinel in #50
• Replace all whitespace in element id string by @sammacbeth in #51
• Add test page for global JS leaks by @sammacbeth in #52
• Extended canvas checks by @jonathanKingston in #48
• Onion skin by @jonathanKingston in #54
• Simplify canvas layering checks by @jonathanKingston in #55
• Small improvements to the docs by @kdzwinel in #56
• Use broken.third-party.site instead of bad.third-party.site for referrer trimming test by @kdzwinel in #57
• Couple of changes to the surrogates page. by @kdzwinel in #58
• GPC test page by @kdzwinel in #60
• Loop protection in HTTPS upgrades by @kdzwinel in #59
• Don't deploy on EVERY push to the repo 🙄 by @kdzwinel in #62
• Test Automation - clean up by @kdzwinel in #61
• Add delayed tracker test cases by @jonathanKingston in #63
• AMP link protection page by @SlayterDev in #64
• Add autoconsent test page by @sammacbeth in #65
• Move autoconsent button creation to script by @sammacbeth in #66
• Add YouTube test page by @kzar in #68
• Remove trigger for CORS bug in YouTube testpage by @kzar in #69
• Adding tests for the presence of navigator.ddg by @shakyShane in #70
• Introduce polling to give the extension chance to inject content-scripts by @shakyShane in #71
• change from ddg to duckduckgo on the navigator interface by @shakyShane in #72
• JS alert test page by @Bunn in #73
• Query Parameters Test Page by @SlayterDev in #67
• Add false positive AMP urls by @SlayterDev in #75
• Local storage tests page by @bwaresiak in #77
• Couple of additions to fingerprinting test page by @kdzwinel in #80
• Add cookieStore API by @sammacbeth in #76
• Framed autofill by @GioSensation in #79
• Implement test pages for platform-level privacy impacting APIs by @englehardt in #74
• Bugfix for HSTS partitioning test by @englehardt in #81
• Bugfix: HSTS Test by @englehardt in #82
• Add demo phishing page by @jonathanKingston in #83
• 10d expiry of cookies set by /set-cookie endpoint by @kdzwinel in #84
• update FB CTL test cases by @ladamski in #86
• update loads dynamically after initial load by @ladamski in #87
• Add an "accept all" button to the autoconsent test page by @muodov in #88
• add a page for testing autofill for login forms embedded in an iframe by @szanto90balazs in #90
• Add a bunch of test cases for autofill autoprompt by @GioSensation in #89
• Fix typo in the autoconsent test page by @muodov in #92
• Autoprompt follow ups after PR review by @GioSensation in #91
• Add test delays and individual tests by @SlayterDev in #94
• Ad attribution test flow by @jonathanKingston in https://github.com/duckduckgo/priv...