InformAction Forums

dhouwn wrote:

• .example.com matches example.com and bla.example.com
• *.example.com just matches bla.example.com

It's an extension to the common globbing mechanism.

Ah - thank you. This makes it clearer. (I told you I had a mental block )

.google.com matches both http://www.google.com and google.com, while *.google.com matches all the subdomains but NOT google.com, and google.com matches only google.com. Giorgio, it seems that I'm having a mental block right now. I'm not able to fully understand the difference between .google.com an...

Guest wrote:try to open a few pages in tabs,

I did, and no problems at all.

I just saw that somebody has now developed a Chrome extension called NotScripts. I don't know how it compares to Noscript (and I don't use Chrome anyway) but it might be interesting for Giorgio to have a look at it. Details on http://optimalcycling.com/other-projects/notscripts/

CsFire's behavior can be implemented with this one simple rule (to be put in the USER ruleset): # This rules allows authentication data to be sent with requests originated # from the same base domain, stripping it off otherwise Site * Accept from SELF++ Anon Ah - I had used the rule you had mention...

Thank you therube, I understand better now but still ABE settings are too complicated to common users :( In fact "common users" shouldn't touch them without guidance. The built-in rules already give significant protection against attacks from internet to intranet. Giorgio, are you also co...

A better alternative to Configuration Mania (with regard to controlling JS) is actually Controle de Scripts. Its features are explained on its help site.

I'd like a blocklist for specific Javascript functions that are blocked on trusted domains. If such a function was found there should be an alert that allows me to run the function or allow the function on that domain. You can use the FF extension Configuration Mania that offers to enable/disable s...

But the question remains why I can only see something on a website if it's blocked by Noscript :?: Probably because there's a <NOSCRIPT> fallback if you've got scripts disabled, while the script which would normally fill the document fails for some bug (the dom storage one above?) Yes, indeed, you ...

Then, shouldn't ABE "Anon" rule be in the global System ruleset? If I understand correctly, there's a bug in Geckos which doesn't allow to strip HTTP Auth from CSR, and thus to implement CORS correctly? If ABE does this, and there's a dedicated extension just for that - wouldn't it to be ...

Whenever I get this error, the line referred to is this: return parseInt( sessionStorage.getItem([...]_pop_gw_ir04purchasepageValue') ); Do you perhaps have DOM storage disabled? The check Amazon does to see if sessionStorage is supported is faulty; it only checks the existence of sessionStorage , ...

A similar problem today: When I select, e.g., a book on amazon.de there is an area headed "Customers who bought this article also bought ...". This areas is blank when images-amazon.com is allowed in NS. The error console shows this error: Fehler: uncaught exception: [Exception... "Se...

Okay, I disabled Noscript, restarted FF and all was well - although the site looked somehow different now. So I activated Noscript and restarted FF once more - and the site still looks well (no blank areas) although ssl-images-amazon.com is now allowed in NS. Funny. Either a cache problem or perhaps...

Can you see any [NoScript XSS] message in Tools|Error Console ? No, I don't. Nevertheless I disabled XSS protection in Noscript but again to no avail. BTW: Error console also says www.amazon.de : server does not support RFC 5746, see CVE-2009-3555 and various warnings like Warnung: Fehler beim Vera...

I'm a registered user of amazon.de, and I've enabled cookies for this site. Whenever I enter it, it represents 2 areas headed with "New recommendations for you" and "New for you". Both areas are blank, though - I only see images and text for the fraction of a second when the site...