
by Thrawn
Fri Apr 06, 2012 11:00 am
Forum: NoScript Development
Topic: <noscript> elements on trusted sites bypassing RequestPolicy
Replies: 8
Views: 5060

Re: <noscript> elements on trusted sites bypassing RequestPo

I added your ABE rule. If we allow the script, there's no bug, but of course the script does the evil. If we block the script, then even with your ABE rule, the image shows in View Page Info > Media. Based on a quick test on Google, it appears that images blocked by ABE will be listed in Page Info ...
by Thrawn
Fri Apr 06, 2012 6:01 am
Forum: NoScript Development
Topic: <noscript> elements on trusted sites bypassing RequestPolicy
Replies: 8
Views: 5060

Re: <noscript> elements on trusted sites bypassing RequestPo

I can confirm (using Tamper Data addon) that ABE can block the web bug:

    Site .webtrendslive.com
    Deny

I guess that's extra encouragement to push ahead with my pet project of making an addon that would use an adapted version of RequestPolicy's interface to write ABE rules :). Is there an about:config ...
by Thrawn
Wed Apr 04, 2012 10:51 pm
Forum: NoScript Development
Topic: <noscript> elements on trusted sites bypassing RequestPolicy
Replies: 8
Views: 5060

<noscript> elements on trusted sites bypassing RequestPolicy

I just recently came across a situation (on addons.mozilla.org, no less), where the 'Show the NOSCRIPT element which follows a blocked script' option for trusted sites came into play. It seems that the clever ppl at AMO use this to insert a web bug for statse.webtrendslive.com if you block the full ...
by Thrawn
Tue Apr 03, 2012 3:04 am
Forum: Security
Topic: Integrating ABE with RequestPolicy
Replies: 33
Views: 36454

Re: Integrating ABE with RequestPolicy

Does anyone have suggestions about whether to pull in RequestPolicy's other features, like blocking redirects and prefetches? Or should this be strictly about managing ABE rules? The reason I ask is that there would obviously be a conflict between this and RequestPolicy, so those who want those othe...
by Thrawn
Tue Jan 24, 2012 12:29 am
Forum: Security
Topic: Integrating ABE with RequestPolicy
Replies: 33
Views: 36454

Re: Integrating ABE with RequestPolicy

Basic ideas thus far: Create a comment-bounded segment within the ABE rules. This would allow manual editing of regions outside the GUI's control if desired. Implementation would create one rule block for each specific Site, incorporating all rules that use that Site. Including multiple Sites in the...
by Thrawn
Mon Jan 23, 2012 10:53 pm
Forum: Security
Topic: Integrating ABE with RequestPolicy
Replies: 33
Views: 36454

Integrating ABE with RequestPolicy

As discussed in the ABE forum, I'm interested in making an addon that takes RequestPolicy's interface and uses it to manage ABE rules. ABE provides great power & flexibility in controlling cross-site requests, but requires writing rules. RequestPolicy provides an interface that is quick & ea...
by Thrawn
Mon Jan 16, 2012 12:55 pm
Forum: ABE
Topic: Is RequestPolicy of any value if using NoScript?
Replies: 9
Views: 8855

Re: Is RequestPolicy of any value if using NoScript?

Thanks for the reply, Tom! I'm certainly looking forward to NoScript 3, so that I can selectively block plugins :). However, I really like the idea of RequestPolicy as a way of blocking as-yet-unknown cross-site exploitation (just as NS blocks as-yet-unknown JavaScript/Java/Flash/PDF exploits). Note...
by Thrawn
Mon Jan 16, 2012 2:32 am
Forum: ABE
Topic: Is RequestPolicy of any value if using NoScript?
Replies: 9
Views: 8855

Re: Is RequestPolicy of any value if using NoScript?

Hadn't seen any replies to this, but I've been seriously thinking about it lately: Surely it would be feasible to take RequestPolicy's interface and turn it into a front-end for ABE? Two advantages over writing ABE rules by hand: - You get feedback about what requests are being blocked/allowed on th...
by Thrawn
Mon Jan 24, 2011 4:12 am
Forum: ABE
Topic: Is RequestPolicy of any value if using NoScript?
Replies: 9
Views: 8855

Re: Is RequestPolicy of any value if using NoScript?

I'm using RequestPolicy, and it doesn't appear to block cross-site hyperlinks, presumably because it knows that the action was user-triggered? Yes, it can break sites, but actually, in its default configuration of allowing all subdomains, I've found it to have less impact than NoScript. That's certa...