I need to be able to whitelist a top level domain, not just second and third level subdomains. How can I do this?
I have added a top level domain, but it appears to be ignored.
Top Level Domain Support
Top Level Domain Support
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Re: Top Level Domain Support
That is because whitelisting a TLD is virtually the same as "Scripts Globally Allowed (dangerous)", because you have no idea what second-level domains have registered, or will register, with that TLD in the future. Thus exposing you to the entire scripting universe of that TLD. This is why NS will not let you do this. Even .edu could have an evil person register some malicious site under an innocent-appearing *.edu subdomain name.DaVinci wrote:I need to be able to whitelist a top level domain, not just second and third level subdomains. How can I do this?
I have added a top level domain, but it appears to be ignored.
Trying to stretch the imagination, perhaps you have created some private, unregistered TLD on your own LAN or whatever. Just whitelist all sites within it, or whitelist the LAN IP of that internal domain, if that is really what you want to do.
Mozilla/5.0 (Windows NT 5.1; rv:16.0) Gecko/20100101 Firefox/16.0
Re: Top Level Domain Support
As a matter of fact, we do have a private tld and that tld is reachable over the public internet with several hundred well controlled subdomains. It is practicly impossible for a malicious person to register a subdomain that would have malicious code. At least no more possible than putting the code into an existing subdomains code.Trying to stretch the imagination, perhaps you have created some private, unregistered TLD on your own LAN or whatever. Just whitelist all sites within it, or whitelist the LAN IP of that internal domain, if that is really what you want to do.
Last edited by DaVinci on Thu Feb 14, 2013 7:42 pm, edited 1 time in total.
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Re: Top Level Domain Support
If they're in the same subnet, then you can do it: http://noscript.net/features#shorthandDaVinci wrote:As a matter of fact, we do have a private tld and that tld is reachable over the public internet with several hundred well controlled subdomains. It is practicly impossible for a malicious person to register a subdomain that would have malicious code. At least no more possible than putting the code into an existing subdomains code.
Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:18.0) Gecko/20100101 Firefox/18.0
Re: Top Level Domain Support
Unfortunately, I have the whole internet address range to deal with, so the shorthand method will not work.
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Re: Top Level Domain Support
If you have a complete list of the registered subdomains, then you could export your whitelist, add the list of subdomains, and re-import it.
Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:18.0) Gecko/20100101 Firefox/18.0
Re: Top Level Domain Support
Unfortunently, I do not have such a list. This is why I needed to use the tld. I am not the controller of such things, only a lowly scripter.Thrawn wrote:If you have a complete list of the registered subdomains, then you could export your whitelist, add the list of subdomains, and re-import it.
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Re: Top Level Domain Support
The controller of such things needs to know that you need to know exactly which subdomains to whitelist, else you cannot have NoScript's full protection.DaVinci wrote:Unfortunently, I do not have such a list. This is why I needed to use the tld. I am not the controller of such things, only a lowly scripter.Thrawn wrote:If you have a complete list of the registered subdomains, then you could export your whitelist, add the list of subdomains, and re-import it.
Please feel free to point the controller of such things to this topic, and perhaps to join the discussion.
Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0.2