rapture
13.01.2012 12:32 unknown
Protection against new kind of response splitting + XSS combo attack responsibly disclosed by Mike Brooks (not public yet).
ClearClick protection against timing attacks demonstrated by Michal Zalewski.
"Click to play" protection against WebGL exploitation, now also on whitelisted sites (can be enabled in NoScript Options|Embeddings)