InformAction Forums

It's https://github.com/hackademix/noscript/issues/444 and it's fixed in latest develpment version.

1. Are you setting those permissions while in Incognito mode?
2. Have you got any "Cleaning" software which claims to scrub your browser data?

barbaz wrote: ↑Tue May 20, 2025 12:19 am Is there any possibility this is related to when a site registers a ServiceWorker?

Good call.

It's tracked as issue #444, and should be fixed in 13.0.6.902.

What if we remove the technical stuff and just try to convey the basic information? "Automatically trust sites loaded as the top level document" Speaking about "current session" is technically correct, but kinda moot, because as long as the option is enabled this keeps happening ...

I'll try to better detail the reasoning behind my "Automatically grant TRUSTED capabilities to the top-level document's origin" proposal: 1. We don't apply neither the "TRUSTED" nor the "Temp. TRUSTED" presets anymore: instead we create and apply a CUSTOM capabilities s...

OK, after re-reading the whole thread, and taking in account issue 417's resolution, I'd settle with
"Automatically grant TRUSTED capabilities to the top-level document's origin'.

WDYT?

fatboy wrote: ↑Thu Aug 29, 2024 9:59 am

Giorgio Maone wrote: ↑Tue Aug 20, 2024 6:02 pm … maybe it should be changed to "Automatically set top-level sites to Temp. TRUSTED"?

What about a tooltip?

The tooltip screenshot is gone

Thanks Giorgio! Is there a technical possibility (and sense) to replace the phrase "Enable these capabilities when top page matches ANY SITE" (in the drop-down menu -> CUSTOM -> file:///D/path) with "Enable this capabilitie when directory/path matches" (+ only one checkbox x-loa...

It should be fixed now in latest development build (12.9.901 AKA 13 beta1):

v 12.9.901
============================================================
x Fixed automatic temporary permissions require reload
(thanks scottg for reporting)

Starting with NoScript 12.6 on Firefox 138.0.1 (latest), and macOS 15.4.1 (latest), the behavior for "Temporarily set top-level sites to TRUSTED" appears to have changed. The drop-down menu showing website permissions now shows the top-level website as temporarily having custom permission...

All I get is the <X-LOAD>@file: over the NoScript logo as the image. If I click on it it gives me the option to temporarily display the correct image but not a permanent fix. Did you try unchecking the "[x] Temporarily allow <X-LOAD>" option on the prompt to make the permission permanent ...

The issue with data: URLs being errononously intercepted is fixed in 905 . Long URLs in prompt will need more thought and work, but should be a lesser problem now. v 12.5.905 ============================================================ x [UX] Honor non-contextual x-load capability granted from NoScr...

fatboy wrote: ↑Thu Apr 24, 2025 4:19 pm Images are base 64.

Do you mean they're data: URLs?

Could please you share the HTML file to check? Thanks!

Should be fixed in latest dev build, thanks:

v 12.5.903
============================================================
x Fixed infinite x-load blocking loops (thanks barbaz for
reporting)
x Always honor the "Collapse blocked objects" option

So, if file:/// saved from example.com. is open and it wants to load active content from notexample.com, then the "x-load" checkbox should appear in file: -> CUSTOM with the tooltip: "Capability for ‹…› directory." More like if you open "file:///home/fatboy/Downloads/somepa...