InformAction Forums

[al_9x]

Georgio,

Please correct me if I am wrong, but it seems that that STS introduces an additional site-pref like or cookie like store, that is neither viewable, editable nor clearable from NS ui. Nor, it seems, is it possible to disable STS.

So in light of the above, a couple of requests:

1. Option to disable STS. It should be possible to disable any feature that allows sites to store any kind of state (cache, cookies, offline storage, history can all be individually disabled)
2. UI for viewing, editing and clearing the STS store

[Giorgio Maone]

Option to disable STS. It should be possible to disable any feature that allows sites to store any kind of state (cache, cookies, offline storage, history can all be individually disabled)

You've got noscript.STS.enabled in about:config.
Furthermore, Private Browsing suspends any persistence for STS, while purging session history erases the STS database as well.

UI for viewing, editing and clearing the STS store

Maybe in future. In the meanwhile, the store is easily editable by hand, being a simple text file in your profile named NoScript-STS.db.

[Alan Baxter]

purging session history erases the STS database as well

I'm unsure which setting covers that. In Options > Privacy > Settings for Clearing History, do I need to check Browsing History or Site Preferences or something else? Same question regarding Tools > Clear Recent History > Details.

Could you clarify?

[Giorgio Maone]

@Alan Baxter:
Browser History.

[Giorgio Maone]

BTW, I don't feel that happy with this "erase on browser history erasure" all-or-nothing feature, especially if you erase it automatically after each session, but on the other hand:

1. If you cleanup for privacy/shame reasons, you'd better use "Private Browsing", which works just fine with STS and has no downsides.
2. If you do it for some other policy reason but you have no objection to persist data about certain sites you want to protect by forcing HTTPS, you can still use NoScript Options|Advanced|HTTPS|Behavior.

[al_9x]

BTW, I don't feel that happy with this "erase on browser history erasure" all-or-nothing feature

If you are going to piggyback on one of built-in Fx clear items, it should probably be "site preferences."

Or you could add your own item, like TMP does (saved sessions)