Guest wrote:I'm trying real hard to understand the order some addons are processed in Firefox, say the latest version. I'll give an example. And the rest of the initial letter is going to be below in case someone needs more details. Answers, links, anything that would shed some light. Or a better place to ask this.
NoScript has google-analytics on the Unsafe list. I've just read that Request Policy is working on version 1.0 which will have blacklists too. For the moment google-analytics is not allowed anyway by RP. But I also have AdBlock block what comes from that direction. How can I optimise this flow?
NoScript is rather indiscriminate. I mean a site could have evil.js and menu.js on the same server. Either I enable both or I disable both.
AdBlock seems more fine grained. I could just block evil*.* and my problems would fly away. Kidding. And Request Policy just blocks any other site I dislike.
NoScript deliberately runs last, so that RequestPolicy and adblockers work the way people expect. This is configurable via the noscript.cp.last property in about:config; see viewtopic.php?p=36488#p36488.
That's because of Giorgio's definition of trusted. A trusted site is one that you can hold accountable. If that's the case, and they host evil.js, then sue them. If you can't hold them accountable, then either you go without menu.js, or you use another countermeasure for evil.js.
Actually, if you really want fine-grained, then you want NoScript's ABE module. Full control over all requests; you can specify exactly which requests to allow, which ones should have authentication/cookies stripped, which ones should not be allowed to run active content on the target page, and which ones are just blocked, based on both the source and destination addresses. There's only one simple rule built in, aimed at protecting your LAN/router, but I'm trying to collect more, and I'm also seriously investigating making a RequestPolicy-style frontend for it (currently you have to write the rules using ABE's syntax - which is not so hard to learn, but is cumbersome for general-purpose blocking).
Guest wrote:Any chance on the horizon to have ABE just as easy? That would mean for those willing and able to train their own filter rules that Adblock Plus would be mostly redundant too.
As per my previous comment, I'm working on this using a modified version of the RequestPolicy interface. Still in design stages, but I'm keen to get it done.
Guest wrote:As per my previous comment, I'm working on this using a modified version of the RequestPolicy interface. Still in design stages, but I'm keen to get it done.
That's wonderful! Any place where one can check for updates?
Users browsing this forum: Google [Bot] and 3 guests