InformAction Forums

[GµårÐïåñ]

They are not too independent of each other. The fact is that an API or mechanism similar to CAPS in Fx is needed in Chrome for proper document/DOM processing. So yeah in a sense they are different mechanisms but in reality they are based on the same core principle of a proper API hook into the core of the browser to control its function.

[Giorgio Maone]

If so, could XSS protection be implemented for Chrome without threatening Google funding?

Recent Chrome versions have built-in XSS protection, even though not as effective and complete as NoScript's.
Anyway current extensions API wouldn't allow NoScript's approach to be implemented.

[new_kid]

Yes, the API for extensions is not complete yet, but I've been already contacted by the Google Chrome engineers who are trying to close this gap, because they really want both NoScript and FlashGot on Chrome.

Is it the same API that is needed for NoScript that is required before FlashGot will be available for Chrome? (sorry if this question should be asked in the flashgot development section, but i figured since you mentioned it here, i'd ask here)

[Giorgio Maone]

Is it the same API that is needed for NoScript that is required before FlashGot will be available for Chrome? (sorry if this question should be asked in the flashgot development section, but i figured since you mentioned it here, i'd ask here)

Some are overlapping, some are different, all are still missing.

[jayjaygibbs]

Is it coming or is this just a wild goose chase?? I can't take using Firefox any more but I'd rather use it then use Chrome without noscript. Why don't Web Browsers have these features built-in anyway?

[nzpossum]

Looks like it will built in soon according to this article
http://googlesystem.blogspot.com/2010/0 ... tings.html

[Giorgio Maone]

I'm in contact with Adam Barth, Peter Kasting and other Chrome developers in order to make it happen, but "soon" is not exactly the word.

[Vux]

I'm in contact with Adam Barth, Peter Kasting and other Chrome developers in order to make it happen, but "soon" is not exactly the word.

Does that mean it will now be possible, but may take a while? Or that it's still a question of IF it's even possible on Chrome?

[Giorgio Maone]

Does that mean it will now be possible, but may take a while? Or that it's still a question of IF it's even possible on Chrome?

It means the the technology infrastructure to make it possible is not there yet (so "now be possible" does not makes much sense), but I'm in talks with good will Google people who say they want it to happen.
On the other hand, many months ago I had been contacted for the same reason by Google people who said they wanted it to happen, so I can't commit to any date or give the whole thing for sure.

[rafaelkafka]

Does that mean it will now be possible, but may take a while? Or that it's still a question of IF it's even possible on Chrome?

It means the the technology infrastructure to make it possible is not there yet (so "now be possible" does not makes much sense), but I'm in talks with good will Google people who say they want it to happen.
On the other hand, many months ago I had been contacted for the same reason by Google people who said they wanted it to happen, so I can't commit to any date or give the whole thing for sure.

May God bless you, Noscript give my privacy back and secured many friends that love it.

Noscript for chrome will be fantastic, the best browser with the best extension ever!

Thank you for the attention and sorry for my bad english, you have many fans here in Brazil.

[41L3F]

I hope for a google-NoScript plugin with this chrome 4, if it needs time, ok, that's normal, google doesnt want to make his browser vulnerable cause of some incompatibilities with this version 4.0.249.78 and NoScript. Now i don't know if all is there to make the Blaster plugin ever to surf the safest way available actually, to make a google 4 version as terrific as the FF one. there's nothing i found to surf that secure for now. but it's only for FF users, what a drama, this add-on should be available on any browser, i don't know if it's possible for IE8 and opera 10 but if a version will come for google 4 so it's good for safari too no ?
keep up the great job u're actually offer for free to all FF customers, your add-on is ranking the first place far away compare to any other security add-on.
I was so happy the first time i found NoScript, except I didnt use a lot FF as it was too slow, especially after the first chrome stable release, woooooo, chrome put the nitro to its browser and no one can tell it's not evident, just try any browser and chrome, no one is able to load that fast, safari is very fast too, but google is always going faster and faster on each release, this browser if it wants to be the best browser needs the best security plugin available : NoScript.
i see that adblock is available for google...first time i tested adblock on FF, i had NoScript too installed and i saw that with NoScript, AdBlock was useless, and NoScript was able to give a level of security far superior as AdBlock, yes that's normal as AdBlock is just blocking ads, it's a good add-on, no prob, but NoScript not only block ads, it blocks all, then u decide what u want to allow on pages, that's simply great. you become the master of your surf and not a future infected machine cause of all those thousands of malicious links and pages that come and go each days. it's the jungle outside the local aera and without NoScript, one day, u'll face troubles like any websurfer on the earth, it's a question of time and chance but it will happen. NoScript is the solution to minimize the risk to the lowest possible, nothing is secure at 100%, but with NoScript, this % of security is the max u can get while surfing the web.

was reading users posts about AdBlock, most complain about how slow becomes chrome...hmmm, that's a big problem, if i test and feel the same result, this extension will not stay more than 2 minutes...we use chrome first cause it's the fastest, don't kill that !

[yupa]

Any news about Noscript for Google Chrome?

[Giorgio Maone]

Last week I've been told by some Google folks that Chrome devs want to improve usability of their script-blocking UI and to speed-up the development of their long languishing "privacy blocklist API", which would allow some but not all of the NoScript functionality to be implemented in extensions.
Anyway the same sources confirmed that a more powerful network-hooking API (like the ones available on Mozilla's Gecko and used by the most advanced NoScript features) is not planned.

[GµårÐïåñ]

Last week I've been told by some Google folks that Chrome devs want to improve usability of their script-blocking UI and to speed-up the development of their long languishing "privacy blocklist API", which would allow some but not all of the NoScript functionality to be implemented in extensions.
Anyway the same sources confirmed that a more powerful network-hooking API (like the ones available on Mozilla's Gecko and used by the most advanced NoScript features) is not planned.

Once again it seems they are making promises to make the majority of the masses to let their guard down and go with their solution thinking a false sense of security while the full benefit and guts of the program are not implemented because why go the full distance when you can fool people into a lesser and incomplete solution, this is asinine. It is shameful that instead of using the expertise and knowledge of a master like Giorgio, they are going to keep dragging their feet and implementing one half ass solution after another. Plus, if they had what is needed in place for Giorgio to do his thing, you wouldn't have to keep asking Giorgio, it would already be done. Anyone who knows anything about how diligently Giorgio stays on top of things would know that if it was possible, it would have already been done. The pressure and the questions should be directed to the reluctant Google devs who have ignored it all along.

[fichal]

Last week I've been told by some Google folks that Chrome devs want to improve usability of their script-blocking UI and to speed-up the development of their long languishing "privacy blocklist API", which would allow some but not all of the NoScript functionality to be implemented in extensions.
Anyway the same sources confirmed that a more powerful network-hooking API (like the ones available on Mozilla's Gecko and used by the most advanced NoScript features) is not planned.

Are net::HttpNetworkDelegate and a ChromeNetworkDelegate the kind of network-hooking API you had in mind? Further, how much does the beforeload event listener, as documented in Chromium bug 35897, help NoScript?