Changes since 11.0.3:

• Fixed external scripts included in HEAD of file:// pages failing (issue #115)
• [XSS] Updated HTML 5 events inventory
• Best effort to make media placeholders visible and clickable
• Placeholders for MSE on Chromium too
• Use invalid IP rather than domain name to prevent offline status from breaking sync messaging in Chromium
• Removed empty exportFunction() Chromium shim
• Updated TLDs
• [L10n] Updated da, ja, lt, mk, nl
• Fixed onionSecure setting persistence issue (Tor ticket #32362)
• Fixed CSP DOM injection breaking XML documents rendering
• Use fragments to reinsert and run previously blocked scripts
• Fetch policies asynchronously for about: and javascript: URLs
• Remove loop around XHR
• Compute the correct origin for the policy to be fetched from about:blank and javascript: URLs
• Work-around for Youtube video elements positioned off-display at replacement time
• Version numbers for Chromium dev builds compatible with Chromestore requirements
• Script blocking before policy is fetched only for synchronous loads
• Make tests not to run automatically on dev mode startup anymore
• Consolidated missing endpoint error detection in Messages
• More compatible Messages abstraction
• Progressive count of debug messages to better trace asynchronous execution
• [XSS] Fixed false positive (property assignment)
• Fixed typo causing initializing promise not being cached
• Avoid unnecessary page reloads on extension updates
• Fixed undefined variable error when in debugging mode
• Support for splitting sync storage items into chunks, to allow synchronization of big policies across devices
• IPv4 subnet shortcut matching
• Fallback to local storage for any item exceeding limits (fixes persistence problems on Chromium)
• Alternate version numbering for Chromium pre-releases
• Simplified, less noisy and more resilient Messages abstraction implementation (thanks barbaz for reporting)
• Handle edge-case policy retrieval for file:// pages loaded by session restore on startup and alike
• Improved Chromium development-build workflow
• Fix CSP violation reporting management of "fake" blocked-uri like "eval"
• Recursive webgl context monkeypatching across same origin windows (thanks skriptimaahinen for concept and patch)
• Replaced cookie-based hacks with synchronous messaging (currently shimmed) to retrieve fallback and per-tab restriction policies
• Work-around for Chromium not supporting frameAncestors in webRequest
• [L10n] Updated Transifex-managed ca, da, it, nl, ru, sv_SE
• [XSS] Updated HTML5 events
• Updated TLDs
• Fixed "Cascade top document restrictions" option not always applied to embedded elements (thanks barbaz for reporting)
• Removed XSS prompt for timeouts