1.2.0
  30 Jul 2008
  * bugfix: bug 777: Fix issue with locale spoofing breaking translations.
  * bugfix: bug 778: Preserve locale in spoofed version if user does not want
    locale spoofing.
  * bugfix: bug 780: Keep session cookies during Tor toggle.
  * bugfix: Potential fix for some PKCS#12 issues.
  * bugfix: Fix crash recovery and uninstall/upgrade to avoid cookie loss.
  * misc: Translation updates.

1.2.0rc6:
  12 Jul 2008
  * bugfix: Fix bug causing Firefox history to get cleared in some situations
  * bugfix: bug 753: Fix exception thrown during Tor toggle in some instances
  * bugfix: bug 758: Fix resize issue where 0x0 windows could be created
  * bugfix: Fix some potential permission denied issues with cookie jars
  * bugfix: bug 520: Fix issue where Javascript stayed disabled in some tabs
  * bugfix: Apply cookie lifetime settings to Tor settings on first install.
  * bugfix: Don't disable Firefox preferences when Torbutton is uninstalled
  * misc: Allow automatic updates in FF3 by default. They are secure now.
  * misc: Translation updates

1.2.0rc5
  06 Jul 2008
  * bugfix: bug 734: Fix exception with clearing history on toggle
  * bugfix: bug 735: Fix exception with blocking Non-Tor history writes
  * bugfix: bug 720: FF3 cookie jar fix submitted by arno
  * misc: translation updates for French, Farsi, and others
  * misc: demote "mapper check" log message to info
  * new: Option to not write cookie jars to disk submitted by arno

1.2.0rc4
  27 Jun 2008
  * misc: Refuse to jar cookies under Firefox 3. Lame workaround for Firefox
    Bug 439384, but it's the best we can do. At least we won't destroy
    cookies anymore.
  * misc: Some strings were present twice in the en-US locale. Didn't seem
    to cause any problems, but probably should be fixed.

1.2.0rc3
  27 Jun 2008
  * bugfix: Lots of compatibility updates with other extensions. Issues
    with SpeedDial, Google Notebook, TabMixPlus, and others have been fixed.
  * bugfix: Fix bug with first window/tab after restart being partially 
    prevented from performing network activity and/or history access.
  * bugfix: Add an additional pref for blocking Non-Tor file url network
    activity. Off by default. This should fix issues with Sage addon in
    Non-Tor mode. 
  * bugfix: Be better about saving all sorts of Firefox prefs that we touch
    so that users' Non-Tor preferences are remembered.
  * bugfix: Fix potential issues with FF3 sessionstore by updating component,
    and performing version detection.
  * bugfix: Separate toggle into a 3 stage process to eliminate potential 
    race conditions and issues with javascript and other functionality 
    not working after Tor toggle.
  * new: Added 'Test Settings' button to Proxy Preferences that uses 
    check.torproject.org to verify Tor status.
  * misc: Improve 'Restore Defaults' to reset all prefs that we touch.
  * misc: Fix logging system to be more user-legible.

1.2.0rc2
  08 Jun 2008
  * bugfix: MacOS: Fix broken Tor state/toggle issues when all windows are 
    closed but app stays open
  * misc: Potential performance improvements when many windows+tabs are open
  * new: Add 'locked mode' pref to allow users to disable one-click toggling
  * new: Add prefs to start Firefox with a specific Tor state.

1.2.0rc1
  01 Jun 2008
  * general: FF3 should now be functional, but timezone masking is not
    operational
  * bugfix: Fix Places/history component hooking in FF3
  * bugfix: Disable Places database in FF3 via browser.history_expire_days=0
    if history writes are disabled.
  * bugfix: General component hooking fixes for FF3
  * bugfix: Block favicon leaking in FF3
  * bugfix: Enable safebrowsing updates in FF3 (it's finally HMACd. Yay).
  * bugfix: Use Greg Fleischer's new useragent prefs in FF3.
  * bugfix: Properly reset cookie lifetime policy when user changes cookie
    handling options.
  * bugfix: Fix 'Restore defaults' button issues with custom proxy settings
  * bugfix: navigator.oscpu hooking was broken in 1.1.18
  * bugfix: Try to prevent alleged 0x0 windows on crash recovery
  * bugfix: Attempt to block livemarks updates during Tor. Only partial fix.
    Not possible to cancel existing Livemarks timer (one fetch will still
    happen via Tor before disable). See Firefox Bug 436250
  * misc: Set plugin.disable_full_page_plugin_for_types for all plugin
    mimetypes just in case our custom full page blocking code fails

1.1.18
  17 Apr 2008
  * bugfix: Fix Gmail exceptions involving window.navigator that made Gmail
    unusable after recent updates by Google.
  * bugfix: Fix an exception in the content policy that may have prevented
    some AJAX page elements from loading.
  * bugfix: Fix regression on cross-state favicon leak introduced in 1.1.17
  * bugfix: Fix to make clear private data work again by fixing up history
    hooking (may also help FF3 compatibility).
  * bugfix: Fix Yahoo email account creation (broken due to Date.valueOf()
    weirdness).
  * bugfix: Fix to allow plugins if the user unchecks the plugin blocking
    preference
  * bugfix: Fix bug 638: eliminate cross-state history popup on session
    restore
  * bugfix: Only resize windows on document load. Hopefully this will make
    the resizing code less annoying, and drift less.
  * bugfix: Fix Object.prototype extensions involving the Date object 
    (observed on LiveJournal)
  * bugfix: Fix javascript debugger compatibility issues involving source
    window display and other functionality.
  * misc: Prevent blocked popups from opening blank, unusable windows
  * misc: Updated firefox version to 2.0.0.14
  * new: New translations for French, Russian, Farsi, Italian, and Spanish.

1.1.17
  15 Mar 2008
  * bugfix: Improve chrome disclosure protection (patch from Greg Fleischer)
  * bugfix: Block network access from file urls to workaround Firefox 
    'Content-Disposition' file stealing attack (found/fixed by Greg)
  * bugfix: Apply Javascript hooks to javascript: urls (found by Greg)
  * bugfix: Improve Torbutton chrome concealment (found by Greg)
  * bugfix: Use 127.0.0.1 instead of localhost for IPv6 users
  * bugfix: Don't resize maximized windows
  * misc: Improve window resizing to only resize on document load,
    and to try to address drift by remembering window sizes
  * misc: Clear session history if clear history on tor toggle is set
  * new: Remove history hooks in favor of nsISHistoryListeners that
    prevent history navigation from alternate Tor states

1.1.16
  03 Mar 2008
  * bugfix: Fix yet more javascript unmasking issues found by Greg.
    Date is still unmaskable.
  * bugfix: Close tabs *before* toggling proxy settings if pref is set.
  * bugfix: Fix a couple exceptions thrown on resizing and plugin canceling

1.1.15
  26 Feb 2008
  * bugfix: Fix hook unmasking of window.screen, window.history,
    and window.navigator discovered by Greg Fleischer. window.Date 
    unmasking is still unfixed. window.history unmasking represents
    potential IP disclosure due to Firefox Bug 409737.
  * bugfix: Fix view-source extension disclosure bug found by Greg 
    Fleischer.
  * bugfix: Fix javascript and about links. Found by Greg Fleischer.
  * new: Attempt to prevent window sizes from drifting during resize.

1.1.14
  24 Feb 2008
  * bugfix: set general.useragent.locale if user wants to spoof an English
    browser. This handles navigator.locale
  * bugfix: Mask navigator.buildID. Reported by Greg Fleischer
  * Initial Firefox 3 work. Functionality still broken due to FF Bug 413682
  * bug 580: Resize preferences window to fit in 640x480 displays
  * new: Spoof window.screen to mask desktop resolution and resize the 
    browser to multiples of 50px while tor is enabled.
  * new: Block content window access to chrome urls if Tor is enabled, 
    and hide Torbutton if Tor is disabled. Thanks to Greg Fleischer for 
    reporting the chrome disclosure issues
  * new: Added option to close all opened tabs on a Tor toggle. Useful 
    for general convenience and also as a backup protection against 
    Bug 409737.
  * new: Add Tor ports to the list of banned ports for Firefox. Should
    prevent http-ping based fingerprinting attacks.
  * new: Finally add support for automatic updates.

1.1.13
  01 Feb 2008
  * bugfix: Implement workarounds to disable Javascript network access 
    for Firefox Bug 409737
  * bugfix: Improved plugin-disabling workarounds for Firefox Bug 401296 
  * misc: Set network.protocol-handler.warn-external.* to warn on external 
    app handlers during Tor usage
  * misc: Disable browser.safebrowsing.enabled during Tor usage since it
    retrieves some information in plaintext.
  * misc: Disable browser.send_pings.
  * misc: Block Javascript back/forward manipulation if Tor is enabled
  * new: Option to clear HTTP auth on Tor toggle

1.1.12
  26 Nov 2007
  * bugfix: bug 520: Fix some content policy/tagging issues. Not sure if this
    is the whole bug.
  * bugfix: Fix a nasty bug where torbutton mostly broke if the first Firefox
    window was closed (introduced in 1.1.11)
  * bugfix: Fix a favicon proxy-leak discussed in onionland

1.1.11
  16 Nov 2007
  * bugfix: Fix a scope issue with the JS hooks that caused problems with 
    some sites (gmail, others?)
  * misc: Performance enhancements for speeding up toggle
  * new: Prevent Tor cookies from being written to disk if the user wants
    them cleared.

1.1.10
  06 Nov 2007
  * bugfix: bug 522: Try harder to kill plugins before they do any network IO
    (discovered by goldy)
  * bugfix: bug 460: Remove hook verification. Attempt to apply hooks at every
    location event.
  * misc: New logging system
  * new: Have user choose between starting in Tor or Non-Tor after crash.
    Leaving it to Firefox is non-deterministic and should not be an option.

1.1.9.1
  23 Oct 2007
  * bugfix: 1.1.9 killed all plugins. Bring them back to life.

1.1.9
  21 Oct 2007
  * bugfix: bug 519: Fix Ubuntu Gutsy hang on startup.
  * bugfix: bug 521: Fix yet more false positive popups introduced in 1.1.8
  * bugfix: bug 522: Block loading of direct clicks of plugin-handled content 
    (discovered by goldy).

1.1.8
  01 Oct 2007
  * bugfix: bug 503: Prevent sessionstore from writing Tor tabs to disk
  * bugfix: bug 510: Decouple cookie clearing from Clear Private Data settings
  * bugfix: bug 474: Decouple password+form saving from history writing
  * bugfix: bug 460: Rework handling of hooking based on global events+window
    lookup
  * bugfix: Hooking fixes for pages with nested frames/iframes
  * bugfix: Cookies are now properly synced before storing into a jar
  * misc: Tightened up the alerts a bit more for the javascript hooking
  * misc: Changed defaults to be less intrusive to non-tor usage
  * new: Added options to start in Tor and reload cookies after browser crash 
  * new: Added ability to have both tor and non-tor cookie jars

1.1.7
  20 Sep 2007
  * bugfix: bug 495: couple of memory leaks found and fixed by arno
  * bugfix: bug 497: uninstall exception found and fixed by arno
  * bugfix: bug 460: No more alerts should happen. But does that mean its
    fixed? Outlook uncertain...
  * bugfix: bugs 461+489: verbosity+macos logging issues resolved
  * bugfix: if javascript is disabled, the hooking code no longer complains
  * misc: Update spoofed Firefox version to 2.0.0.6
  * new: "Restore Defaults" button added to the preferences window

1.1.6
  30 Jul 2007
  * bugfix: Fix an exception that may have messed up cookie/cache clearing
    if you allowed Tor to write history URLs (possibly kills bug #457)
  * bugfix: Use only sub-browsers for tagging. Could fix some Date hooking
    misses (possibly kills bug #460)
  * misc: Clean up annoying false positives with date hooking checks

1.1.5
  17 Jul 2007
  * bugfix: Reset shutdown option if user wants to manually manage cookies
  * misc: Add code to detect date hooking failures to zero in on Bug #460
  * new: Pref to disable "DOM Storage" during Tor usage

1.1.4 - Defcon CD Release
  6 Jul 2007
  * bugfix: Make plugin state tied to tab load state also
  * bugfix: Date hooking bug. getUTCYear is not defined. Must call getYear..
  * new: Add options to spoof charset and language headers
  * new: Add option to disable referer header. This can break some sites.
         Seems to break digg in particular.
  * new: Copy English strings to all language DTDs so they are at least
         functional.

1.1.3 - Black Hat CD Release
  30 Jun 2007
  * bugfix: Fully disable session store if option is set. Otherwise it 
            can save Tor tabs and cause them to be reloaded during Tor usage!
  * new: Differentiate between crucial and recommended settings in preferences

1.1.2
  22 Jun 2007
  * bugfix: Make js hooking a bit more invisible
  * bugfix: Improve navigator.* hooking for user agent spoofing
  * new: Block session saving during tor usage
  * new: Add options to clear cookies during Tor/Non-Tor shutdowns

1.1.1
  20 Jun 2007
  * bugfix: Remove Date hooks from DOM after inserted. Fixes some sites
            who expect a fixed DOM structure.
  * new: Integrated Collin Jackson's history blocking+cookie jar code, adapted
         it to handle various Tor States+read/write differentiation.
  * new: Allow users to manually manage cookies
  * new: Mark tabs as having been fetched via Tor or in the clear
  * new: Add code to only enable javascript on tabs with the same Tor load 
         state as the current
  * new: options to clear the cache, block disk cache, or block all caching
  * new: Created options tabbox
  * new: Option to block updates if Tor was enabled
  * new: Add nsIContentPolicy to block CSS popups from pages with a different
         load state than current Tor State.
  * new: Added user agent spoofing code
  * new: Support FireFox 2.0 only
  * new: Disable "safe browsing" remote lookups
  * new: block session saving


1.1.0 - Security Development begins (Alpha branch)
  31 Mar 2007
  * new: Option to disable all plugins during Tor usage
  * new: Javascript hooking to mask timezone for Date Object, attempted CSS fix
  * new: Options to clear history and cookies on Tor toggle
  * bugfix: Fix logging to use error console if logger extension not present

1.0.5
  18 Nov 2006
  * bugfix: fix the about box in firefox 1.0
  * bugfix: set the toolbar button to the correct state upon insertion into 
            the toolbar (ff >= 1.5 only)
  * bugfix: clarify the wording of the one-liner extension description
  * bugfix: bypassing privoxy with Firefox <= 1.0 is not recommended
  * bugfix: remember previous "custom" proxy settings
  * misc: new icons
  * misc: keyboard shortcut re-assigned to ctrl-2
  * new: previous proxy settings are restored after exiting tor mode
  * new: if the torbutton proxy settings are changed while torbutton is 
         enabled, then the active proxy settings are updated to reflect it
  * new: added twelve locales

1.0.4
  01 Jun 2006
  * bugfix: without-privoxy settings were incorrect
  * bugfix: https settings did not take effect until firefox restart
  * bugfix: let firefox generate our about box, so it will include the version

1.0.3
  31 May 2006
  * bugfix: statusbar style would reset to text after firefox restart

1.0.2
  23 May 2006
  * bugfix: fixed problem with socks_remote_dns
  * new: mozilla thunderbird support
  * new: user may customize proxy settings for nonstandard configurations
  * new: option to not use privoxy in the standard configuration
  * new: slovenian translation
  * new: french translation
  * new: keyboard shortcut (control-shift-t, changeable via keyconfig)
  * new: context menu for toolbar button and statusbar panel
  * new: attractive tor icons
  * new: about dialog
  * new: option to display statusbar as an icon instead of text

1.0.1
  16 Mar 2006
  * bugfix: toolbar button tooltips now display the correct status
  * bugfix: set socks5 proxy to tor port (9050) instead of privoxy (8118)
  * bugfix: allow user to change proxy exclusion list ("no proxy for")
  * new: use socks_remote_dns on firefox versions that have it
  * new: added update functionality through the extensions manager
  * new: added preference: display statusbar panel (yes/no)
  * new: added compatibility with firefox 1.0 and 0.9

1.0
  07 Mar 2006
  * initial release
