Options: How to choose

Post a reply


In an effort to prevent automatic submissions, we require that you complete the following challenge.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review
   

Expand view Topic review: Options: How to choose

Re: Options: How to choose

by san » Tue Apr 21, 2020 9:41 pm

Thanks for the explanation, Barbaz, I understand Noscript better now. :D

"Temporarily set top-level sites to TRUSTED" checked suits me better, and as a result, will greatly lighten my list of sites checked as TRUSTED, will only remain necessary custom permissions for third party resources, a bit like uMatrix after all but Noscript is faster to use to me.

Re: Options: How to choose

by barbaz » Tue Apr 21, 2020 9:12 pm

san wrote:
Tue Apr 21, 2020 8:02 am
What would be, for the default NoScript permissions, the equivalent of uMatrix (which by default allows CSS and images)
There is no exact equivalent. NoScript and µMatrix have different purposes, different functionality.

Probably the closest to µMatrix default configuration would be:
- un-checking everything except "font" under DEFAULT preset, and
- checking "Temporarily set top-level sites to TRUSTED".

NoScript does not restrict images or CSS stylesheets, and µMatrix does not block remote fonts by default.

Re: Options: How to choose

by san » Tue Apr 21, 2020 8:02 am

Hello,

What would be, for the default NoScript permissions, the equivalent of uMatrix (which by default allows CSS and images)

It's true that understanding NoScript's permissions definition could be a great help for everyone, so I'd like to ask Mr. Maone if he could add on the permissions page in the NoScript preferences, a clear and precise explanation of what those permissions represent.

Many thanks in advance.

Re: Options: How to choose

by barbaz » Tue Jan 15, 2019 4:43 pm

LoneRanger1012 wrote:
Tue Jan 15, 2019 5:49 am
it appears that if I select the Custom scope for a web address, the options that were found on that page are highlighted with a brown color. If those brown options are checked, they are not blocked, so whatever is blocked is somewhere else in the list. If this is a valid observation, how can I find the actual blocked items?
The brown highlight is only about network requests. So for example, if a site has only inline scripts, the brown highlight won't show up for "script" despite there being some blocked scripts.

There will always be some trial-and-error in finding what needs to be unblocked to get the functionality you want working.
LoneRanger1012 wrote:
Tue Jan 15, 2019 5:49 am
since I am not an expert in Internet Security, how can I figure out if it is dangerous to allow this particular item through?
FAQ 1.11
viewtopic.php?p=75314#p75314
LoneRanger1012 wrote:
Tue Jan 15, 2019 5:49 am
Further, can I temporarily allow customized items?
Sure, just click the clock at the right of the "Custom" label. (It will revert to Default when the temporary permission expires.)

Re: Options: How to choose

by LoneRanger1012 » Tue Jan 15, 2019 5:49 am

It appears that I can hover over the NoScript icon and see whether any items are being blocked by NoScript, and when trying to figure out what those are, it appears that if I select the Custom scope for a web address, the options that were found on that page are highlighted with a brown color. If those brown options are checked, they are not blocked, so whatever is blocked is somewhere else in the list. If this is a valid observation, how can I find the actual blocked items? Then, since I am not an expert in Internet Security, how can I figure out if it is dangerous to allow this particular item through?

Further, can I temporarily allow customized items?

Re: Options: How to choose

by FranL » Sun Dec 17, 2017 4:16 pm

SafeTex wrote:What is a good general setting for sites and why?
I uncheck all checkboxes in the DEFAULT and UNTRUSTED presets. In the TRUSTED preset, I check every checkbox except WebGL. So few of the pages I visit use WebGL that I just prefer not to download such content unless I absolutely have to.

Re: Options: How to choose

by bo elam » Sun Dec 03, 2017 10:01 pm

SafeTex wrote:Hello
What is a good general setting for sites and why?
For me personally, I uncheck all boxes for Default and Untrusted, and tick all boxes for Trusted. That gives me a more restricted experience than I had with the old version. I remember I used to forbid WebGl for Trusted domains before and I am leaving it allowed now but even with that, the setup is pretty strong like I have it.

Bo

Re: Options: How to choose

by barbaz » Sun Dec 03, 2017 5:57 pm

As I understand it (please correct me if I'm wrong):

script - JavaScript, e.g. <script> tags

object - plugin objects

media - HTML5 audio/video

frame - subdocuments, e.g. <frame> and <iframe>

font - remote fonts

webgl - WebGL

fetch - whether other sites can make XMLHttpRequest and Fetch request to this site

ping - destination of navigator.sendBeacon and hyperlink ping attribute

other - requests where Firefox cannot identify the request type (ref https://hackademix.net/2017/12/04/noscr ... ment-39964)

Options: How to choose

by SafeTex » Sun Dec 03, 2017 5:48 pm

Hello

One more question please.

I've read: https://forums.informaction.com/viewtop ... =7&t=23974

and looked elsewhere but I can't find what it means in concrete terms to block or allow the options "script" "object", "media", "frame" "font" etc. etc. etc.

What is a good general setting for sites and why?

Thanks in advance for any help

Top