Search found 129 matches

by tlu
Sat Jun 11, 2011 4:24 pm
Forum: NoScript Development
Topic: Discussion: Site Specific Permissions Policy
Replies: 165
Views: 69249

Re: Discussion: Site Specific Permissions Policy

This "solution" is extremely unfriendly, it kills placeholders, the blocked objects menu, the embeddings icon feedback, requires fiddling with rules for every unblocking. This solution is more painful than the problem, no one is going to do this. On the other hand this: On site1 Accept em...
by tlu
Fri Jun 10, 2011 10:08 am
Forum: NoScript Development
Topic: Add temporarily to Left clicking on NoScript toolbar button
Replies: 3
Views: 1027

Re: Add temporarily to Left clicking on NoScript toolbar but

Never had the occasion to use the Toolbar icon, though if I did, & long knowing that it was a toggle , I certainly would not want it to default to anything remotely Permanent. If there's a Preference, fine, but default it to Temporary, & force those who wish to do so, knowingly (& forci...
by tlu
Mon May 23, 2011 9:55 am
Forum: NoScript General
Topic: LastPass security hole (cross site scripting)
Replies: 35
Views: 19814

Re: LastPass security hole (cross site scripting)

No, I didn't mean for this to be a debate on the merits of each, and you've answered some concerns. I have just two thoughts that came to mind upon reading your post: 1) If the encrypt/decrypt is done only on your own computer, then why involve a third-party website at all, when a free, 3-MB tool d...
by tlu
Tue May 10, 2011 4:02 pm
Forum: NoScript General
Topic: LastPass security hole (cross site scripting)
Replies: 35
Views: 19814

Re: LastPass security hole (cross site scripting)

Just some food for thought... 1) What if LastPass goes out of business? 2) Corrupt employee takes a bribe to do evil? 3) Disgruntled employee does evil to get revenge? 4) Innocent employee extorted by threats against family, etc.? 5) DOS attack knocks their servers offline for some number of hours,...
by tlu
Mon May 09, 2011 4:56 pm
Forum: NoScript Development
Topic: JS-like management for cookies and images
Replies: 8
Views: 2125

Re: JS-like management for cookies and images

For cookie management several FF extensions are available. The best one is, IMHO, is Cookie Monster.

Regarding images, most of them contained in ads are already blocked by AdblockPlus and Noscript.
by tlu
Mon Mar 21, 2011 5:05 pm
Forum: ABE
Topic: [RESOLVED] Why doesn't this ABE rule block Java?
Replies: 9
Views: 3694

Re: [RESOLVED] Why doesn't this ABE rule block Java?

Is this generally impossible in ABE or isn't it just not implemented? If the latter is the issue, implementing this would be highly appreciated as it would make life a lot easier ABE is designed and implemented to be as decoupled as possible from NoScript and the DOM. Triggering placeholders from i...
by tlu
Mon Mar 21, 2011 4:04 pm
Forum: NoScript Support
Topic: NoScript & Lastpass problem
Replies: 3
Views: 1788

Re: NoScript & Lastpass problem

Problem solved. It was NoScript trying to force HTTPS connection to Lastpass site: [NoScript HTTPS] Forced Channel m I added an exception in NoScript to never force HTTPS in lastpass.com, and now Lastpass is working again as expected. Thank you anyways. Strange. I have it in the list of sites where...
by tlu
Mon Mar 21, 2011 3:56 pm
Forum: ABE
Topic: [RESOLVED] Why doesn't this ABE rule block Java?
Replies: 9
Views: 3694

Re: [RESOLVED] Why doesn't this ABE rule block Java?

Giorgio, another thought. One big disadvantage of blocking objects by the mentioned ABE rule is that the usual placeholders are not visible. Is this generally impossible in ABE or isn't it just not implemented? If the latter is the issue, implementing this would be highly appreciated as it would mak...
by tlu
Mon Mar 21, 2011 9:34 am
Forum: ABE
Topic: [RESOLVED] Why doesn't this ABE rule block Java?
Replies: 9
Views: 3694

Re: [RESOLVED] Why doesn't this ABE rule block Java?

The latest build works indeed as expected. Thanks a lot, Giorgio!
by tlu
Sun Mar 20, 2011 2:34 pm
Forum: ABE
Topic: [RESOLVED] Why doesn't this ABE rule block Java?
Replies: 9
Views: 3694

Re: Why doesn't this ABE rule block Java?

Another example: If I go to m there is this message in the Error Console: [ABE] <*> Deny INCLUSION(OBJ, SUBDOC) on {GET m <<< m, m - 5} USER rule: Site * Deny INCLUSION(OBJ, SUBDOC) .. but I can view the video on that site although no exception rule for mozilla.com exists in ABE. I might have a basi...
by tlu
Sun Mar 20, 2011 1:44 pm
Forum: ABE
Topic: [RESOLVED] Why doesn't this ABE rule block Java?
Replies: 9
Views: 3694

[RESOLVED] Why doesn't this ABE rule block Java?

In Options -> Embeddings I forbid any objects via Noscript. In order to tighten security I've added the following rule suggested by Giorgio to ABE -> USER: Site * Deny INCLUSION(OBJ, SUBDOC) I went to m which I've whitelisted in Noscript but for which I did NOT create an exception rule in ABE. But t...
by tlu
Thu Mar 17, 2011 2:38 pm
Forum: ABE
Topic: Definitely block requests to facebook from 3rd-party sites
Replies: 13
Views: 10366

Re: Definitely block requests to facebook from 3rd-party sit

Giorgio Maone wrote:
tlu wrote:Giorgio, including .mafiawars.com and .eamobile.com in the "Accept from" line is really no mistake? I'm asking as I'm not familiar with these sites. Are they related to Facebook?

They're needed for some popular Facebook games to work.

I see. Thanks!
by tlu
Thu Mar 17, 2011 12:16 pm
Forum: ABE
Topic: Definitely block requests to facebook from 3rd-party sites
Replies: 13
Views: 10366

Re: Definitely block requests to facebook from 3rd-party sit

Might be worth updating 8.10 to include "facebook.net". I had actually done it, but forgot to upload the changes. Thanks for noticing. Giorgio, including .mafiawars.com and .eamobile.com in the "Accept from" line is really no mistake? I'm asking as I'm not familiar with these si...
by tlu
Wed Mar 02, 2011 9:45 am
Forum: NoScript Development
Topic: NS protection modules not surfaced in the GUI
Replies: 15
Views: 136237

Re: NS protection modules not surfaced in the GUI

There are many others, like the ones mentioned on m After rethinking the issue I came to the conclusion that it doesn't really make sense to include all those settings in the GUI as it would become completely cluttered. I trust that Giorgio has set the most appropriate values as the defaults in abou...
by tlu
Tue Mar 01, 2011 2:33 pm
Forum: NoScript Development
Topic: Discussion: Site Specific Permissions Policy
Replies: 165
Views: 69249

Re: Discussion: Site Specific Permissions Policy

Giorgio Maone wrote:
tlu wrote:I'm sorry, but what is the E10/Mobile porting project?

http://noscript.net/nsa/


Ah, thanks - very interesting!