InformAction Forums

Hi NoScripters.
SimplySecure is trying to enhance NoScript's user experience (including a UI overhaul and better documentation), and is looking for volunteers to test their prototypes live.
If you're interested, send me a PM and I'll be glad to provide more details.
Thank you all!

Guest wrote: ↑

Thu Jul 11, 2019 6:19 pm

I'm colorblind, so I use custom colors in firefox. With these, the buttons on the NS tool bar button disappear.

You should be able to revert to the normal UI by unchecking NoScript Options>Appearance>High contrast appearance.

garifmg wrote: ↑

Wed Jul 10, 2019 10:36 pm

Trying clicking 'Direct download link" on "Get It," but could not be found on the server message appears.

Fixed, thanks.

If I assessed this correctly, having that non-functional setting in the export is just confusing, and could provide some people with false sense of security. Would it be possible to exclude the clearclick setting from NoScript Options export until ClearClick is actually available? A prototype was i...

barbaz wrote: ↑

Mon Jul 01, 2019 12:08 am

Giorgio just removed the offending line - https://github.com/hackademix/noscript/ ... 8cdec90f6f

I assume this means it will be fixed in next version of NoScript.

... which is already in the Chrome Store queue waiting for approval. Thank you.

Trying to reproduce on build 20190626093633 (Mozilla/5.0 (X11; Linux x86_64; rv:69.0) Gecko/20100101 Firefox/69.0) with no luck (on Yotube).
Any other site/config where you think this could be easier to notice?

Both issues fixed, thanks.

Notice also that "timeout" is probably misleading here, since any standard-compliant name resolution software will likely answer immediately with a "name or service not known" response.
See https://en.wikipedia.org/wiki/.invalid

Could you elaborate with at least one example?
Does it happen in the URL bar?
In subrequest?
Notice that NoScript performs no redirect at all, so what you're reporting is very strange and unheard before...

Yes, it's been an implementation overlook.
The right thing to do, IMHO, is setting the whole domain (no matter the protocol) as UNTRUSTED (as the UI would suggest), and let advanced users fine tune if they wish in the "NoScript Options>Per-site permissions" tab.
Putting this in my TODO list, thanks.

Could it be those options were related to the workaround for https://bugzil.la/1532530 that was nuked in 10.6.2 stable? If so do they still have some effect if left alone? After looking at the commit which removed the workaround , I am quite sure that these options don't have any effect anymore. No...

Updated: FF, 20190603160429, no change NoScript: 10.6.3rc7, no change Just tried 20190603160429, both with 10.6.2 and 10.6.3rc7 work for me: the three sites you've mentioned (msn, yahoo and youtube) are displayed correctly, no matter whether the domains are individually TRUSTED, or the restrictions...

It seems rc6 was not enough in all configurations
Please try latest development build again.
v 10.6.3rc7
=============================================================
x Further work-around for [Import] settings button
inconsistencies on Android
x Updated TLDs

Fixed in latest development build
v 10.6.3rc6
=============================================================
x Fixed [Import] settings button on Android

The feature was removed as soon as the underling bug was fixed in Firefox (so no false sense of security).
But yes, it should go away if I ever release another classic.