ABE is not about script-blocking at all. There is no interaction between them. ABE does not automatically whitelist anything, and it will apply to all sites, whitelisted or not.
The original purpose of ABE was to protect sensitive sites against fraudulent requests from other sites. The classic example is something like this:
Code: Select all
Site .bank.com
Accept from SELF
Deny
So other sites you visit can't send requests to your bank telling it to transfer money to themselves.
If you want to use ABE for site-specific blocking, you certainly can, but you have to use it separately to regular whitelisting.
Usually, this means that you need to allow the site in the regular whitelist (otherwise it will be blocked everywhere), and then use an ABE rule to manage it. The googleapis rule at the start of this thread looks about right.
Code: Select all
Site <the site I want to allow only at some places>
Accept from <list of sites where it should be allowed>
Deny
If this looks backward, that's because it was designed to protect 'Site' from cross-site requests.
Effectively, the rule at the start of this thread tells ABE that ajax.googleapis.com and google.com are sensitive, and that only themselves and goal.com should be allowed to access them.
ABE is not about script-blocking at all. There is no interaction between them. ABE does not automatically whitelist anything, and it will apply to all sites, whitelisted or not.
The original purpose of ABE was to protect sensitive sites against fraudulent requests from other sites. The classic example is something like this:
[code]
Site .bank.com
Accept from SELF
Deny
[/code]
So other sites you visit can't send requests to your bank telling it to transfer money to themselves.
If you want to use ABE for site-specific blocking, you certainly can, but you have to use it separately to regular whitelisting.
Usually, this means that you need to allow the site in the regular whitelist (otherwise it will be blocked everywhere), and then use an ABE rule to manage it. The googleapis rule at the start of this thread looks about right.
[code]
Site <the site I want to allow only at some places>
Accept from <list of sites where it should be allowed>
Deny
[/code]
If this looks backward, that's because it was designed to protect 'Site' from cross-site requests.
Effectively, the rule at the start of this thread tells ABE that ajax.googleapis.com and google.com are sensitive, and that only themselves and goal.com should be allowed to access them.