by Doppleganger » Tue Jun 15, 2021 8:46 pm
Barbaz:
As noted, I'm using NS in a chrome browser on Windows 10. The NS version is 11.2.4, released on 3.26.21, which appears (after a bit of searching and running an update on all extensions) to be the latest chrome-compatible offering. I see no "unrestricted CSS" checkbox, no "XSS choices" and no "sanitize cross-site suspicious request" checkbox. Leaving out the "sites" section of the file exported from NS before the reset, is as follows :
"TRUSTED": {
"capabilities": [
"script",
"object",
"media",
"frame",
"font",
"webgl",
"fetch",
"ping",
"noscript",
"other"
],
"temp": false
},
"UNTRUSTED": {
"capabilities": [],
"temp": false
*****Sites (DELETED HERE)*****
],
"custom": {}
},
"enforced": true,
"autoAllowTop": false
},
"local": {
"debug": false,
"showCtxMenuItem": true,
"showCountBadge": true,
"showFullAddresses": false,
"amnesticUpdates": false,
"storage": "local",
"uuid": "ce66f475-485e-4347-8480-dd08463b1020"
},
"sync": {
"global": false,
"xss": true,
"cascadeRestrictions": false,
"overrideTorBrowserPolicy": false,
"clearclick": true,
"storage": "sync"
}
}
We will both see "xss":true in the 7th line from the bottom of the exported NS file.
If I changed NS from its original configuration via the checkboxes, I would be happy to confess but I don't recall monkeying around with the default configuration given that I certainly can confess my ignorance is dangerously oceanic in this area. That is why I came for advice.
Any help you can give me in resetting the choices in the check boxes listed in my last post to attain better security would be a marvelous aid.
I'm running UBlock origin. And I will search for advisories on the right configuration. Port Authority is unfamiliar to me but, pursuant to your commendation, I'll definitely put it on the list of system improvements.
Aside, I know FUBAR and the related SNAFU from life and their argued origin in military acronym culture.
Here's the first part of the joke which I hope is new to you: "How does a Buddhist monk order a hot dog?" Assuming the usual response ("I don't know"), I'll deliver the punchline in my next post.
Please have my renewed appreciation for your time and consideration.
Regards,
Doppleganger
Barbaz:
As noted, I'm using NS in a chrome browser on Windows 10. The NS version is 11.2.4, released on 3.26.21, which appears (after a bit of searching and running an update on all extensions) to be the latest chrome-compatible offering. I see no "unrestricted CSS" checkbox, no "XSS choices" and no "sanitize cross-site suspicious request" checkbox. Leaving out the "sites" section of the file exported from NS before the reset, is as follows :
"TRUSTED": {
"capabilities": [
"script",
"object",
"media",
"frame",
"font",
"webgl",
"fetch",
"ping",
"noscript",
"other"
],
"temp": false
},
"UNTRUSTED": {
"capabilities": [],
"temp": false
*****Sites (DELETED HERE)*****
],
"custom": {}
},
"enforced": true,
"autoAllowTop": false
},
"local": {
"debug": false,
"showCtxMenuItem": true,
"showCountBadge": true,
"showFullAddresses": false,
"amnesticUpdates": false,
"storage": "local",
"uuid": "ce66f475-485e-4347-8480-dd08463b1020"
},
"sync": {
"global": false,
"xss": true,
"cascadeRestrictions": false,
"overrideTorBrowserPolicy": false,
"clearclick": true,
"storage": "sync"
}
}
We will both see "xss":true in the 7th line from the bottom of the exported NS file.
If I changed NS from its original configuration via the checkboxes, I would be happy to confess but I don't recall monkeying around with the default configuration given that I certainly can confess my ignorance is dangerously oceanic in this area. That is why I came for advice.
Any help you can give me in resetting the choices in the check boxes listed in my last post to attain better security would be a marvelous aid.
I'm running UBlock origin. And I will search for advisories on the right configuration. Port Authority is unfamiliar to me but, pursuant to your commendation, I'll definitely put it on the list of system improvements.
Aside, I know FUBAR and the related SNAFU from life and their argued origin in military acronym culture.
Here's the first part of the joke which I hope is new to you: "How does a Buddhist monk order a hot dog?" Assuming the usual response ("I don't know"), I'll deliver the punchline in my next post.
Please have my renewed appreciation for your time and consideration.
Regards,
Doppleganger