InformAction Forums

Is this a legitimate feature that would be considered for a future release?

I am sorry, I totally misunderstood the problem! Let me try to summarise it. Current state: NoScript Options > General > "Temporarily set top-level sites to TRUSTED" sets full addresses to TRUSTED. What you want: Ability to make that setting act on base 2nd-level domains instead of full a...

"...example.com" trusts both "example.com" and *.example.com That's the way I wanted the feature to work. I never had a problem with NoScript before Firefox 57 with this. So to be clear, does it work that way for you or not? It does not currently work the way that I was expectin...

barbaz wrote:"...example.com" trusts both "example.com" and *.example.com

That's the way I wanted the feature to work. I never had a problem with NoScript before Firefox 57 with this.

barbaz wrote:That's expected behavior. http://www.city-data.com is a subset of ...city-data.com, trusting the former should *not* automatically trust the latter.

Is there a way to trust *.example.com then?

I have checked off: Temporarily set top-level sites to TRUSTED This should allow the top-level domains, which it does, but I noticed some sites here and there suffer from a bug. Some sites have two domains with the same name, but not both are honored by the Trusted permission. If we have a site www....

Here's the XSS notification NoScript gives:
http://pastebin.com/ev4zaaNb

Also, if I do an unsafe reload, this is the url in the address bar:
http://pastebin.com/UquGgwde

I have to pastebin these since the forum wouldn't allow them.
I'm assuming that USA Today should be notified?

barbaz wrote:Is this with NoScript 2.9.0.10 (or 2.9.0.10rc1)? If not please upgrade then re-try.

This log was with NoScript 2.9.0.10

I also tried 2.9.0.5RC2, but to no avail

I tested with this video: http://www.usatoday.com/videos/news/world/2016/03/23/82119260/ The problem happens with this, too. The logs from the Browser Console are as follows: unsafe CPOW usage noscriptService.js:4174:21 unsafe CPOW usage noscriptService.js:4178:10 unsafe CPOW usage noscriptService.j...

When this option is enabled in NoScript: "Sanitize cross-site suspicious requests" The video on this page does not load: http://www.usatoday.com/story/money/business/2016/03/16/nike-debuts-power-lacing-shoe/81884078/ I narrowed it down to this specific option. I even allowed all scripts an...