lakrsrool wrote:What would be the problem just disabling the CITIBANK rule-set all the time as it now allows citibank to work and presumably all other sites will still use ABE presumably. I was looking for a way to disable ABE for Citibank exclusively all the time and this seems to do this.
What is the risk of doing this other than whatever risk there would be using Citibank?
IIRC, you needed some XSS exceptions for Citibank. If so, the ABE rules would be to make the XSS exceptions not so dangerous.
lakrsrool wrote:If this is not a good idea to disable the CITIBANK ruleset all the time to allow me to use Citibank whenever I need to without adding other steps then I guess I would need another ruleset specifically for the ABE warning banner I'm currently getting (but of course knowing Citibank another ruleset will be needed down the road again some time).
Hang on, you asked about this before, didn't you? -
https://forums.informaction.com/viewtop ... 23&t=22632
Ok, so if your ABE rules are same as before, you have "
https://start.me/*" somewhere in your ruleset, right? Try adding "
https://palemoon.start.me/*" next to it, separated by a single whitespace.
If your ruleset looks like
https://forums.informaction.com/viewtop ... 218#p87218, also change
Code: Select all
Site https://online.citi.com/US/JRS/portal/index.do
to
Code: Select all
Site https://online.citi.com/US/JRS/portal/index.do*
If this doesn't help, please post or PM me the Browser Console messages.
lakrsrool wrote:I'm a bit confused on how by creating an isolated rule-set disabled ABE for Citibank just because I disable the rulesets for Citibank (the rulesets were required to get Citibank to work each time a ruleset was needed), it seems to me as long as ABE is enabled this would apply to all sites (I'm probably not understanding how all this works of course).
Because the protection ABE provides, is all in the ABE rules.
You have rules are specific to Citibank, so in your case it's just a matter of isolating the Citibank rules in their own ruleset and disabling it. If other rules were implicated, it'd be a bit more complicated to disable ABE on one specific site, but still doable.
[quote="lakrsrool"]What would be the problem just disabling the CITIBANK rule-set all the time as it now allows citibank to work and presumably all other sites will still use ABE presumably. I was looking for a way to disable ABE for Citibank exclusively all the time and this seems to do this.
What is the risk of doing this other than whatever risk there would be using Citibank?[/quote]
IIRC, you needed some XSS exceptions for Citibank. If so, the ABE rules would be to make the XSS exceptions not so dangerous.
[quote="lakrsrool"]If this is not a good idea to disable the CITIBANK ruleset all the time to allow me to use Citibank whenever I need to without adding other steps then I guess I would need another ruleset specifically for the ABE warning banner I'm currently getting (but of course knowing Citibank another ruleset will be needed down the road again some time).[/quote]
Hang on, you asked about this before, didn't you? - https://forums.informaction.com/viewtopic.php?f=23&t=22632
Ok, so if your ABE rules are same as before, you have "https://start.me/*" somewhere in your ruleset, right? Try adding "https://palemoon.start.me/*" next to it, separated by a single whitespace.
If your ruleset looks like https://forums.informaction.com/viewtopic.php?p=87218#p87218, also change
[code]Site https://online.citi.com/US/JRS/portal/index.do[/code]
to
[code]Site https://online.citi.com/US/JRS/portal/index.do*[/code]
If this doesn't help, please post or PM me the Browser Console messages.
[quote="lakrsrool"]I'm a bit confused on how by creating an isolated rule-set disabled ABE for Citibank just because I disable the rulesets for Citibank (the rulesets were required to get Citibank to work each time a ruleset was needed), it seems to me as long as ABE is enabled this would apply to all sites (I'm probably not understanding how all this works of course).[/quote]
Because the protection ABE provides, is all in the ABE rules.
You have rules are specific to Citibank, so in your case it's just a matter of isolating the Citibank rules in their own ruleset and disabling it. If other rules were implicated, it'd be a bit more complicated to disable ABE on one specific site, but still doable.