noscript blocks access to external json file?

Post a reply

Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[url] is ON
Smilies are ON

Topic review
   

Expand view Topic review: noscript blocks access to external json file?

Re: noscript blocks access to external json file?

by skriptimaahinen » Tue Jun 04, 2019 3:33 pm

By default NoScript has fetch permission enabled for DEFAULT-preset. This should allow downloading (fetching/XHR) from all domains that have no explicit permissions set. However, if you have removed fetch permission from DEFAULT, you can allow it for domain of your choice by setting that domain to CUSTOM and only ticking fetch.

Re: noscript blocks access to external json file?

by dothebart » Tue Jun 04, 2019 11:55 am

it didn't work for me until I put the slider to 'temporarily trusted' - since thats a broad domain where everyone puts stuff to having it allowed seems rather dangerous to me, thats why I would like to know why 'external' download URLs are blocked in this case.

Is there a way to only allow download?

Re: noscript blocks access to external json file?

by skriptimaahinen » Mon Jun 03, 2019 4:03 pm

Sanity check: you do have fetch enabled for the domain the json is fetched from, e.g. raw.githubusercontent.com?

Re: noscript blocks access to external json file?

by therube » Mon Jun 03, 2019 12:08 pm

(Not sure what I'm looking at/for, but I'll note that githubassets.com doesn't look to turn up, & presumably it should?)

noscript blocks access to external json file?

by dothebart » Mon Jun 03, 2019 11:51 am

Hi,
noscript blocks our Database frontend when fetching external json files - the source where this happens is here:

https://github.com/arangodb/arangodb/bl ... iew.js#L38

It should i.e. fetch this file:
https://raw.githubusercontent.com/arang ... ifest.json

and parse the JSON.

Can you please explain why noscript intercepts this, and whether there is a smarter way to do it.

TIA,
Willi

Top