Bluesky sharing now works reliably.
- Contextual sharing was stabilized.
- Missing or broken platform icons were fixed.
- X sharing behavior was cleaned up to reduce compose artifacts.
- Message validation and sender checks were tightened.
- Input and URL handling were hardened.
- Intercepted-share replay/freshness protections were added.
- Print preview key validation and expiry checks were improved.
- Logging now masks sensitive data more consistently.
- CSP and extension security boundaries were strengthened.
- A final toast-message sanitization fix was added.

Reduced extension scope in manifest.json:
- host_permissions changed from <all_urls> to http://*/* and https://*/*
- content_scripts.matches changed from <all_urls> to http://*/* and https://*/*
- web_accessible_resources.matches changed from <all_urls> to http://*/* and https://*/*
- Kept a strict extension page CSP:
- script-src 'self'; object-src 'none'; frame-src 'none';
- Hardened background message handling in background.js:
- added ALLOWED_ACTIONS
- added isAllowedSender() validation
- added object checks for incoming messages
- added hasValidTab() checks before tab-dependent operations
- added sanitizeString() for incoming payload fields
- added sanitizeReadLaterItem() for saved items
- added isAllowedHttpUrl() checks before opening external share targets
- Hardened intercepted share handling in content.js:
- added CONTENT_ALLOWED_ACTIONS
- added sanitizeInterceptedShareDetail()
- added randomized CONTENT_EVENT_TOKEN
- replaced the fixed public event name with token-based page-to-content communication
- injected the token into the page context before listening for intercepted share events
- Confirmed js/inject.js uses the injected token before dispatching intercepted share events
- Hardened popup URL handling in popup/popup.js:
- added isAllowedShareTarget() protocol validation
- added buildCustomShareUrl() validation for custom templates
- blocked unsafe thread/share target URLs before opening tabs
- Hardened read-later handling in popup/read_later.js:
- added isSafeListUrl() validation before assigning href
- disabled unsafe entries visually instead of linking them
- ensured links use rel="noopener noreferrer"
- Hardened options handling in options/options.js:
- added validateCustomTemplate()
- blocked invalid custom template saves
- Hardened logging in js/logger.js:
- masks sensitive fields such as URL, title, text, token, path, auth, password, and email before storage/export

v0.1.8.0
- Replaced all legacy innerHTML usage with safer DOM manipulation (textContent) to prevent XSS vulnerabilities.
- Extended privacy masking in logs to automatically scrub 'token', 'key', 'password', 'auth', and 'email' fields.
- Title Parsing: Preserves full titles (e.g., "News / World") while ensuring safe filename generation.
- Optimized background runtime by removing unused IndexedDB modules and legacy code blocks.

v0.1.7.9
- New Privacy Control: Choose between "Moderate" (Essential Sites) and "Strict" (Maximum Privacy) protection levels.
- Added "Read Later" list: Save up to 50 articles offline.
- Added "Copy as Markdown": Quickly copy title and URL in Markdown format.
- Added "Share..." to the right-click context menu for faster access.
- Improved Notifications: Replaced alerts with non-intrusive toast messages.
- Cleaned up back-end code for better performance.
- Removed "Copy Link" and "Email" share options to streamline the interface.

WHAT'S NEW IN ANOTHER SHARE v0.1.7.7 (Desktop)

BUG FIXES & IMPROVEMENTS

• FIXED: Popup layout issue where the window would appear extremely narrow or collapsed on some desktop environments.
• FIXED: ReferenceError in screenshot tools ('loadImage is not defined').
• FIXED: "Share as Reader Mode" toggle visual state and functionality.
• IMPROVED: Smart Reader Mode sharing. Internal Firefox protocols (about:reader) are now embedded directly in the share text for better platform compatibility (X, Reddit, Telegram, etc.).
• IMPROVED: Desktop UI responsiveness. Fixed dimensions ensure a stable experience on all monitor sizes.
• IMPROVED: Tooltips are now more descriptive, explaining exactly what each capture and extraction tool does.

GENERAL

• Version bumped to 0.1.7.7.
• Optimized for Firefox Desktop 142.0+.
• Reset logging facility to require manual opt-in for improved privacy.