InformAction Forums

I can't seem to get a screenshot with the NS drop down open. What happens is that the page loads and I can read it, but after about 5 seconds it reloads the page and it goes completely white. I don't understand how this is possible. I turn off Temp. Trusted - nothing is trusted - and it still someh...

No, it's not possible for a website to overturn NoScript permissions.
In facts, the page stays blocked for me.
Could you please send a screenshot including NoScript's popup on the page?
Thanks.

It's working fine for me in 78..
Could you re-upgrade to 11.2.3 and double check wether NoScript Options>General>DEFAULT has the "noscript" capability enabled?

novaleaf wrote: ↑

Wed Feb 24, 2021 5:16 pm

But will try to start by manually approving sites.

Good idea, it's the safest usage pattern

Issue: I have "Temporarily set top-level sites to TRUSTED" and "Cascade top document's restrictions to subdocuments" checked. In the past, this seemed to work as I expected, as sites behaved "normally" unless I further restrict a resource like blocking facebook or the such. As barbaz pointed out, t...

What about Any capability blocked in the top document must be blocked in its subdocuments too?

The domain which needs to be manually set to TRUSTED (in NoScript Options>Per site Permissions) is content-dictionaryextension-pa.googleapis.com I had to debug the background page of the extension to find out that it contains an iframe pointing to an entire page on that site which does the heavy lif...

I'll try what you're talking about but what I can tell you is that with 11.2 Startpage loads the pages without javascript while 11.2.3 requires it to be trusted at all times. "whitout javascript" does not mean UNTRUSTED. "Normally" (i.e. in a normal NoScript installation) no site is allowed to run ...

Guest wrote: ↑

Mon Feb 22, 2021 9:32 pm

Normally it's configured as untrusted

What does "normally" mean?
Why is it not DEFAULT?
And if there's a good reason, why not setting it to CUSTOM with the "noscript" capability, or check the "noscript" capability in the UNTRUSTED preset?

What does "noscript" capability do when enabled for a site that has scripts allowed? It has it to avoid surprise when cascading restrictions. Thanks. Just to make sure I have it right: on actually script-allowed sites, it does nothing; when "Cascade top documents restrictions..." is enabled, it con...

Bug coming from an accidentally misconfigured feature . Please upgrade to latest development build for an immediate and complete fix, or manually check the "noscript" capability in the DEFAULT preset tab (NoScript Options>General) as a work-around (which may not work on some sites due to a race cond...

Why does the trusted preset have this option, too? Sorry if I missed it, but I wonder the same but don't see the answer above? What does "noscript" capability do when enabled for a site that has scripts allowed? It has it to avoid surprise when cascading restrictions. And shouldn't this be enabled ...

And what's the purpose of this option? What differences there are if allowed or not? It controls whether the <noscript> element is rendered or not (included emulating meta refreshes inside the element). It's your choice, depending on the site. It has been requested by users who perceived some fallb...

The "noscript" pseudo-capability should, indeed, be enabled by default in the DEFAULT preset. In facts, that's the case if you install from scratch, and it was supposed to be the case if you upgraded from any version < 1.2.1rc4. Unfortunately a little typo bug sneaked in, and the latter does not act...

Because surely I'd want the newest ones kept, no? Why has it sync'ed to older whitelists on the old machine, rather than the newer ones that have been updated more recently? Is this a privacy thing that I've not quite understood? Firefox keeps timestamps of the browser.storage.sync keys, and syncs ...