2 Releases 13 Tags

RSS Feed

• v1.0.12 1030622e19

  Compare

  v1.0.12 Stable

  gegorov released this 2026-05-17 01:11:29 +03:00 | 2 commits to master since this release

  Hotfix on top of v1.0.11.

  1. Passive OAuth popups suppressed. YouTube auto-opens window.open on accounts.google.com/...?passive=true&... at page load to silently pick up an existing Google session via postMessage. Top-level popups don't carry the parent context Google expects, so the popup landed on "JavaScript отключен". These passive=true URLs are now filtered out — they no longer pop up. Active "Войти" clicks (no passive flag) continue through the OAuth popup as in 1.0.11.

  2. OAuth popup generalised to all known providers. Previously only accounts.google.com was intercepted; in-place navigation to other login pages (Yandex, Mail.ru, Microsoft, VK, Apple, GitHub, Facebook) would have hit the same embedded-browser checks. Now every known login host routes through the same clean popup + cookie-migration flow:

  • accounts.google.com
  • passport.yandex.ru / passport.yandex.com / oauth.yandex.ru
  • login.live.com / login.microsoftonline.com
  • auth.mail.ru / login.mail.ru / oauth.mail.ru
  • oauth.vk.com / login.vk.com / .vk.ru variants
  • appleid.apple.com / idmsa.apple.com
  • github.com/login*, *.facebook.com/login*

  Per-provider cookie-domain lists describe what gets migrated back to the parent view's session after the popup hands control back to the original site.

  LOGIN_PARTITION renamed persist:google-login → persist:oauth-login since it now holds login state for all providers.

  Downloads

  • Source Code (ZIP)
  • Source Code (TAR.GZ)
  • ESH-Media-1.0.12-win.zip
    108 MiB

    2026-05-17 01:13:20 +03:00
  • ESH-Media Setup 1.0.12.exe
    79 MiB

    2026-05-17 01:13:10 +03:00
  • ESH-Media Setup 1.0.12.exe.blockmap
    86 KiB

    2026-05-17 01:13:10 +03:00
  • latest.yml
    349 B

    2026-05-17 01:13:21 +03:00