InformAction Forums

Asphyx wrote: ↑Wed Nov 05, 2025 5:02 pm long time ago this was already asked by me and others,

Threads merged. Please see Forum Rules #8 and #14

EDIT Updated the thread title because this is not only a FF 91 ESR issue, it's still current and relevant.

The crashes are sometimes so severe that all of windows freezes, It is not technically possible for NoScript or any other WebExtension to cause this. If you find this type of symptom correlated with NoScript use, the cause is either a Firefox bug , or some third-party software on your system interf...

4 Dedicated Worker processes This could be very relevant, espsecially looking at your latest screenshots. To avoid workers bypassing NoScript's security measures, NoScript needs to be able to act in worker contexts, but since there is no proper WebExtensions API for that, NoScript has to resort to ...

Does Edge have the Chromium developer tools Console? If so, do you see any related messages there?

https://discourse.ubuntu.com/t/improving-ui-security-a-few-practical-controls/69101 A lot of these have probably already been extensively discussed on this site, but this is still a nice list. The first tip is intriguing, I've seen websites use HttpOnly+Secure cookies for some UI settings but did n...

What version of NoScript?

val_0 wrote: ↑Thu Oct 09, 2025 2:57 am I haven't been able to find a combination of permissions that works with NoScript on.

Have you tested with "Disable restrictions for this tab"?
If so and if that didn't help, have you tested with "Disable restrictions globally (dangerous)"?

@ArgueForSport: Just saw your edit now pretty much by happenstance. For future reference, if you report that a problem is resolved and a moderator has edited the title accordingly, and it turns out the problem was not actually resolved, it's OK to reply to your own post so that this shows up as &quo...

Can confirm that URL trips the XSS filter in NoScript 13.0.8.903. Relevant Browser Console messages: [NoScript] [InjectionChecker] wiki/Dr._No_(film) /**/ DUMMY_EXPR has been flagged as dangerous JS (_() log.js:34:15 [NoScript] [InjectionChecker] JavaScript Injection in ///wiki/Dr._No_(film) functio...

Firefox 142 NoScript 13.0.8.903 new profile STR: 1) resize the FF window small vertically (to make this easier to reproduce) 2) NoScript Options > Per-site Permissions, add a site that's lower alphabetically than the bottom of the visible window but not at the bottom of the list of sites 3) click th...

We don't know why offhand, but we can help troubleshoot. What is "FULL permissions": - Setting every site listed in the NoScript popup to (Temp.) TRUSTED, repeating until no more sites are shown? - Setting every site listed in the NoScript popup to CUSTOM with all checkboxes checked, repea...

BTW, what's the purpose of the § symbol in the settings file? That's how NoScript stores that the "Match HTTPS content only" padlock is enabled when it isn't self-evident that the entry should match HTTPS content only (i.e. the entry is domain/subdomains, not an exact full address that al...

when I Trust a script source from the popup for a given site, I thought that permission becomes global. For example, if I Trust facebook.net on anysite.com, then it becomes Trusted on everysite.com, right? Yes, TRUSTED is a global permission. Only CUSTOM can be contextual. If you set a site to CUST...

You're welcome https://i.psyche.me/thumbsup_right.gif For completeness, should also note that if what you want is a contextual permission where *.cloudfront.net is trusted only when browsing specific site , you can make the contextual permission in the NoScript popup and then edit it in NoScript Opt...

Trusting *.cloudfront.net is about as fine-grained as trusting *.com. Any website can get their own subdomain(s) of cloudfront.net. This is why cloudfront.net is treated as an effective top-level domain and the NoScript popup provides no way to trust *.cloudfront.net. That said, you can still do it ...

I use Xubuntu 22.04, and to take a screenshot of the NoScript popup I would use the command-line program "scrot" with a delay, e.g. 2 seconds: scrot -d 2 Then open the NoScript popup before the command returns, and leave it open until the command returns. If you don't have scrot, you can i...