InformAction Forums

[sourcejedi]

Firefox 14.01 / Ubuntu 12.04 / amd64 / unity-2d
NoScript 2.4.9rc1
Ghostery 2.8

Fragment navigation is broken cross-page. E.g. I navigate to http://support.mozilla.org/en-US/kb/new-tab-page-show-hide-and-customize-top-sites#w_how-do-i-turn-the-new-tab-page-off in a new tab. It jumps to the *start* of the document, instead of jumping to the "how do I turn the new tab page off".

OTOH, it works *within* the page. I.e. once the above page is loaded, I can use the table of contents links to get to the desired section.

It's some sort of conflict with Ghostery. It goes away when I disable Ghostery (and I can reproduce with only Ghostery and Noscript enabled). It persists despite disabling all Ghostery options.

I can also get it working if I allow all scripts in NoScript.

[editted to get a working URL]

[Thrawn]

Ghostery has a history of poor stylesheet interaction. I'd suggest a different tool like Adblock Plus, or go the whole hog and use RequestPolicy.

[sourcejedi]

But it's not a stylesheet issue, is it? And I know NoScript affects fragment URLs (for #! => ?_escaped_fragment_= support), so there's certainly room for a bug there.

== continuing the offtopic thread ==

The essential UI for Ghostery, at least, is pretty well polished. Numeric indicator, "What is <DoubleClick>". "Pause blocking" for experiments. "Whitelist domain", if you want to allow analytics on sites you like.

Whether the implementation makes sense as a whole, I don't claim to know.
<obligatory snark>NoScript seemed to feel that tracking was important enough to bundle in (as forced DNT). Ghostery provides tracking-prevention in a package which appears more user-friendly than NoScript. If NoScript were breaking Ghostery (and the answer is not to use Ghostery)... it sounds like it's priorities are somewhat confused and self-centric.</obligatory snark>

I'm always a bit conflicted about ABP, for the obvious reason. I am using it at the moment, but mainly for ABP Element hiding.

RequestPolicy, to paraphrase your own description, is a bit of a pig. I'm quite happy with a blacklist approach for privacy that doesn't require user intervention. I don't mind if it's annoying the big guys, but tending to miss the little guys.

[Thrawn]

But it's not a stylesheet issue, is it? And I know NoScript affects fragment URLs (for #! => ?_escaped_fragment_= support), so there's certainly room for a bug there.

Not a stylesheet issue, no, but if something is happening to page anchors, that's a similar kind of problem.

You can check Tools-Error Console for NoScript-related messages; there might be something going on with XSS filtering (though probably not, if allowing scripts globally fixes it - but still worth looking in the error console).

If allowing scripts globally fixes it, you might also want to watch the Recently Blocked Sites list when the problem occurs.

The essential UI for Ghostery, at least, is pretty well polished. Numeric indicator, "What is <DoubleClick>". "Pause blocking" for experiments. "Whitelist domain", if you want to allow analytics on sites you like.

Whether the implementation makes sense as a whole, I don't claim to know.

In isolation I think it makes sense, but for me (already running NS and RP) it's redundant, and I think that other tools will do a more comprehensive job.

<obligatory snark>NoScript seemed to feel that tracking was important enough to bundle in (as forced DNT).

Default, not forced. You can switch it off, or define exceptions, via about:config. But I think it's a reasonable default, considering NoScript's target audience.

Ghostery provides tracking-prevention in a package which appears more user-friendly than NoScript. If NoScript were breaking Ghostery (and the answer is not to use Ghostery)... it sounds like it's priorities are somewhat confused and self-centric.</obligatory snark>

Feel free to use it. I believe GµårÐïåñ does. But only as a mostly-redundant layer of his defence-in-depth.

I'm always a bit conflicted about ABP, for the obvious reason. I am using it at the moment, but mainly for ABP Element hiding.

I was thinking that you could disable the default subscription, and just subscribe to the EasyPrivacy list.

RequestPolicy, to paraphrase your own description, is a bit of a pig. I'm quite happy with a blacklist approach for privacy that doesn't require user intervention. I don't mind if it's annoying the big guys, but tending to miss the little guys.

It's not for everyone, yeah. I mentioned it because it's what makes Ghostery redundant for me. You could try CsFire, too, to just strip out cookies from cross-site requests instead of blocking them, although I didn't have much joy with it the one time I tried it (couldn't seem to successfully unblock a request). Or ABE, if you're willing to do things a bit more manually.

[sourcejedi]

Thanks for pointing the Error Console out. Unfortunately it doesn't show anything relevant - just errors for two fonts blocked by NoScript. I don't think "Recently blocked sites" is telling me anything either.

"Something happening to page anchors" - that's not what I was thinking -

It only happens on cross-page nagivation. Navigating *within* the page is fine. If I visit the page, then hit Enter in the location bar, I get to the right place. (But not if I hit F5 instead).

- so it would have to be a temporary glitch in the DOM, that goes away after the page is loaded. But I guess there's no quick test I can do to disprove that .

[fixanoid]

Hi all, Ghostery developer here. This issue has been reported before as well, you may read up here: viewtopic.php?f=10&t=8363, I am pretty sure the cause is the same: NS changes some prioritizations in terms of which addons execute when, and this seems to break fragmentation (tho I am not too clear why).

Also, this is an intermittent issue, I wasn't always able to replicate this in test environments.

[sourcejedi]

Thanks!

"It happens also with NoScript uninstalled and JavaScript disabled from Firefox's own content panel."

- confirmed.

[GµårÐïåñ]

@fixanoid: NoScript doesn't change order of anything, in fact it has always executed last intentionally to allow other addons to do what they need to do. This is related to your content breakage that has been reported previously by me and tons of others on your site and the new "surrogates" that you have introduced which poorly handle and conflict, breaking many things. Unless you can provide actual technically reviewable information, don't come here and place blame when all indications are that its YOUR tool. The thread you linked clearly proved and showed that NoScript had nothing to do with the issue and for you to carelessly use that as proof that its a NS issue and suggest order of execution which wasn't even discussed in that topic is irresponsible and deceptive.

[sourcejedi]

Yep, that's exactly what I quoted.

[Though I didn't want to use that sort of tone. I can see why it might be useful to "set the record straight" for more casual readers, so to speak. But if we're talking about carelessness, or blaming unrelated issues - what the other thread mentioned was a scan which is not on the face of it related to surrogates. It was actually mentioned as being part of the GhostRank option. I've tried it again, and the issue does in fact only affect me when GhostRank is enabled].

[fixanoid]

Thanks Guardian, your opinion is already well regarded by our team, and I'll be sure to keep your thoughts at exactly the same regard.

[GµårÐïåñ]

Thanks Guardian, your opinion is already well regarded by our team, and I'll be sure to keep your thoughts at exactly the same regard.

Well thanks for that back handed insult but the fact is that you guys simply delete what exposes or challenges your BS on your end. In one day Alex deleted over half of the thread to hide the points made about his issue. So that's how you guys handle it, we at least say it in the open and keep it that way, we don't censor people.