Search found 3186 matches
- Sat Mar 16, 2013 4:33 am
- Forum: NoScript Development
- Topic: Websites detecting blockers now?
- Replies: 6
- Views: 4931
Re: Websites detecting blockers now?
Interestingly, I have no adblocking software; yet, if the top-level script is allowed, I still get the "Adblocking software detected" message. Temp-disabling RequestPolicy didn't change that. So apparently, the fact that NS blocks the ad scripts convinces them that you have ABP or similar ...
- Sat Mar 16, 2013 3:08 am
- Forum: Security
- Topic: Shoddy Security At Wells Fargo Bank
- Replies: 2
- Views: 6456
Shoddy Security At Wells Fargo Bank
Background: Anyone in the US is entitled by law to a free copy of their credit file, commonly referred to as a "credit report", once every twelve months, via https://www.annualcreditreport.com (Beware of similar addresses that are *not* the official site.) However, credit scores , which a...
- Wed Mar 13, 2013 6:09 am
- Forum: NoScript Support
- Topic: [RESOLVED] NoScriptSTS.db-xxxx.tmp
- Replies: 10
- Views: 7867
Re: NoScriptSTS.db-xxxx.tmp
if i kill the sandboxed FF, the updating and adding files stops in the non-sandboxed one, so there seems to be an interaction across the sandbox boundaries. Most users allow the browser to write through the sandbox to various parts of the actual profile on the hard drive, else new bookmarks, NoScri...
- Mon Mar 11, 2013 11:53 pm
- Forum: NoScript Support
- Topic: [RESOLVED] NoScriptSTS.db-xxxx.tmp
- Replies: 10
- Views: 7867
Re: NoScriptSTS.db-xxxx.tmp
Just caught this from the changelog : v 2.6.5.9rc2 Removed STS support for Gecko >= 4, which provides built-in HSTS ... Updating resulted in a NoScriptSTS.db file of zero bytes, and no db.tmp file at all. I would guess that the STS.db file might be removed from Gecko >=4 eventually, as being no long...
- Mon Mar 11, 2013 11:32 pm
- Forum: NoScript Development
- Topic: Not autoreloading / closing menu if clicked from toolbar
- Replies: 11
- Views: 6595
Re: Not autoreloading / closing menu if clicked from toolbar
(Assuming that the about:config settings described solved the autoreload issue, and addressing only the message bar.) With your Appearance settings, I can reproduce the lack of the message bar using the browser back and forward arrows as well as Alt+left or right arrow. However, if I then change a p...
- Mon Mar 11, 2013 11:06 pm
- Forum: NoScript Support
- Topic: [RESOLVED] NoScriptSTS.db-xxxx.tmp
- Replies: 10
- Views: 7867
Re: NoScriptSTS.db-xxxx.tmp
if i run with all add-ons disabled [safemode] the updating and adding files stops. if i run with all add-ons disabled except NS the updating and adding files starts again. I did not ask you to run in safe mode or disable all add-ons. I asked you to please create a clean profile and install a fresh ...
- Mon Mar 11, 2013 10:53 pm
- Forum: NoScript Support
- Topic: XSS issues
- Replies: 4
- Views: 3307
Re: XSS issues
Also, it would still be helpful to us if we could see this happening ourselves. As requested, please provide an exact set of steps to make the XSS message appear. Navigate to what site? Click what link(s)? Fill in what blanks with what? Et cetera -- until the XSS message shows. Then we can do exactl...
- Mon Mar 11, 2013 5:23 am
- Forum: NoScript Support
- Topic: [RESOLVED] NoScriptSTS.db-xxxx.tmp
- Replies: 10
- Views: 7867
Re: NoScriptSTS.db-xxxx.tmp
I find only a single instance of a file, NoScriptSTS.db.tmp , without any xxxx (alphanumerics) added, created each time I start the browser. However, this is not a representative case, because I run the browser sandboxed, and the sandbox dumps *everything* each time the browser is closed. Does it st...
- Mon Mar 11, 2013 5:08 am
- Forum: NoScript Support
- Topic: XSS issues
- Replies: 4
- Views: 3307
Re: XSS issues
Please provide exact steps to reproduce an XSS error. (II couldn't.) Then open Firefox Error Console (Ctrl+Shift+J), click the blue "Messages" icon, and copy/paste here any messages relating to NoScript. Especially those that start with [XSS]. (Note: If the spam filter trips, try enclosing...
- Sun Mar 10, 2013 5:01 am
- Forum: NoScript General
- Topic: http://localhost Blocked.
- Replies: 12
- Views: 11713
Re: http://localhost Blocked.
Try Perspectives.... Why, I just might do that! (I just did). ... it looks like yet another good layer of "defense-in-depth". Will let you know MHO after some experience with it. Thanks for the tip. I think this has been a fair trial period, and wanted to let you know I'm pleased with Per...
- Sun Mar 10, 2013 12:32 am
- Forum: NoScript General
- Topic: Suggestion: Global whitelist
- Replies: 4
- Views: 7426
Re: Suggestion: Global whitelist
It would be helpful if there was a global whitelist. Currently you can whitelist indidividual sites. But it would be more helpful if you can all a script for all sites. Are you referring to " Allow Scripts Globally (dangerous )"? This can be enabled via NoScript Options > Appearance , but...
- Wed Mar 06, 2013 8:52 am
- Forum: NoScript Support
- Topic: Bank Of America Wants To Force JavaScript
- Replies: 8
- Views: 9982
Re: Bank Of America Wants To Force JavaScript
I'm assuming that you trust BA, or you wouldn't bank there, at least not online, so what is the objection to allowing JS from them? (not from third parties, of course)
Most financial sites that I use require that their own scripting be permitted.
Most financial sites that I use require that their own scripting be permitted.
- Wed Mar 06, 2013 8:45 am
- Forum: NoScript Development
- Topic: Revoke Temporary Permissions On Tab Close
- Replies: 5
- Views: 3976
Re: Revoke Temporary Permissions On Tab Close
Revoke temporary permissions for SiteX.com does revoke it for all tabs of SiteX.com, regardless of whether you close the tabs. If you are asking for NoScript to automatically revoke the permissions when you close the tab, or the last open tab of SiteX, which if I understand correctly is your request...
- Tue Mar 05, 2013 5:43 am
- Forum: ABE
- Topic: ABE rule help needed
- Replies: 14
- Views: 11133
Re: ABE rule help needed
Maybe it's better to keep them split, as Giorgio (and I) suggested: Put the specific site first, and note that Giorgio's examples do *not* end in a global deny. The default SYSTEM rule follows, with the usual global deny. In plain English: Site LOCAL Accept from 192.168.1.36:52199 # Prevent Internet...
- Mon Mar 04, 2013 6:34 am
- Forum: ABE
- Topic: ABE rule help needed
- Replies: 14
- Views: 11133
Re: ABE rule help needed
@Guardian: Won't that cause all other local traffic to be blocked? ABE FAQ has a number of examples in which Giorgio specifies putting the specific rule *above* the general, especially FAQ 8.3 - 8.9. They tend to use 127.0.0.1, but I'd think ABE would recognize 192.168.x.x (router or LAN) as a LOCA...