Testers Wanted: NoScript UX Overhaul by Simply Secure

Bug reports and enhancement requests
jawz101
Senior Member
Posts: 71
Joined: Sun Jul 10, 2011 11:13 pm

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by jawz101 » Thu Oct 03, 2019 5:59 pm

While we're at it, it would be nice to be able to block other 3rd party things even if a script what not referenced. I prefer uBlock Origin nowadays because I can block other items even when the domain does not have scripts. And prevent a bit more as well. I don't know if XHR's and websockets fall under 'other' but I like to know I can control them.

Code: Select all

font,third-party
object
other
websocket
xmlhttprequest,third-party
Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0

barbaz
Senior Member
Posts: 9961
Joined: Sat Aug 03, 2013 5:45 pm

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by barbaz » Thu Oct 03, 2019 9:35 pm

jawz101 wrote:
Thu Oct 03, 2019 5:59 pm
While we're at it, it would be nice to be able to block other 3rd party things even if a script what not referenced. I prefer uBlock Origin nowadays because I can block other items even when the domain does not have scripts. And prevent a bit more as well. I don't know if XHR's and websockets fall under 'other' but I like to know I can control them.
Image I don't understand what you're asking. NoScript popup should show all domains from which active content is loaded, regardless of whether it's a script or XHR or whatever. And you can already go into NoScript Options > Per-site Permissions, and manually enter a domain to be set as Untrusted.
*Always* check the changelogs BEFORE updating that important software!
-

jawz101
Senior Member
Posts: 71
Joined: Sun Jul 10, 2011 11:13 pm

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by jawz101 » Fri Oct 11, 2019 10:41 pm

barbaz wrote:
Thu Oct 03, 2019 9:35 pm
jawz101 wrote:
Thu Oct 03, 2019 5:59 pm
While we're at it, it would be nice to be able to block other 3rd party things even if a script what not referenced. I prefer uBlock Origin nowadays because I can block other items even when the domain does not have scripts. And prevent a bit more as well. I don't know if XHR's and websockets fall under 'other' but I like to know I can control them.
Image I don't understand what you're asking. NoScript popup should show all domains from which active content is loaded, regardless of whether it's a script or XHR or whatever. And you can already go into NoScript Options > Per-site Permissions, and manually enter a domain to be set as Untrusted.
Go to androidpolice.com in ffox/chrome with Developer Tools open and on the network tab.

search for fonts.googleapis.com or sort by domain and see if any other domains were connected to that were not listed on the NoScript list.

I notice it a lot when I look at the number of domains uBlock lists versus NoScript and uBlock seems to see more and block more pieces. I'm pretty sure NoScript only lists a domain if it includes a script.
Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0

barbaz
Senior Member
Posts: 9961
Joined: Sat Aug 03, 2013 5:45 pm

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by barbaz » Fri Oct 11, 2019 11:16 pm

jawz101 wrote:
Fri Oct 11, 2019 10:41 pm
Go to androidpolice.com in ffox/chrome with Developer Tools open and on the network tab.

search for fonts.googleapis.com or sort by domain and see if any other domains were connected to that were not listed on the NoScript list.
fonts.googleapis.com does not load any active content. It only loads a stylesheet. So it should not be listed in the NoScript menu, and indeed is not.

What I'm seeing is entirely expected behavior.

Blocking this stuff is outside the scope of NoScript, better to use uBlock Origin or µMatrix for that.
*Always* check the changelogs BEFORE updating that important software!
-

barbaz
Senior Member
Posts: 9961
Joined: Sat Aug 03, 2013 5:45 pm

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by barbaz » Fri Nov 01, 2019 1:40 pm

Giorgio Maone wrote:
Tue Sep 17, 2019 5:37 am
I'm prototyping the first functional alpha based on their input, hoping to have something to play with by London's MozFest in late October.
How is this going? Do you have an update on the timeline?
*Always* check the changelogs BEFORE updating that important software!
-

barbaz
Senior Member
Posts: 9961
Joined: Sat Aug 03, 2013 5:45 pm

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by barbaz » Sat Nov 30, 2019 12:41 pm

barbaz wrote:
Fri Nov 01, 2019 1:40 pm
Giorgio Maone wrote:
Tue Sep 17, 2019 5:37 am
I'm prototyping the first functional alpha based on their input, hoping to have something to play with by London's MozFest in late October.
How is this going? Do you have an update on the timeline?
bump
*Always* check the changelogs BEFORE updating that important software!
-

User avatar
Giorgio Maone
Site Admin
Posts: 9108
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by Giorgio Maone » Mon Dec 02, 2019 9:19 pm

Sorry for the late answer.
I'm trying to be sure when this rolls out doesn't get anyone accustomed with the "old ways" off guard without options to make NoScript behave in the way they rely on.
At the same time, I'm in the process to shield NoScript as much as possible from the Manifest V3 fall-out, both on the Chrome and on the (luckily less messy) Firefox side.
Therefore at this moment there's no firm ETA.
I'll post an update as soon as there's one.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0

Rand
Posts: 1
Joined: Sun Oct 25, 2020 5:49 am

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by Rand » Sun Oct 25, 2020 7:00 am

Hello there, I was wondering if you had any new information on this overhaul project

Thank you
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0

scriptaddict
Posts: 1
Joined: Sat Nov 14, 2020 8:56 pm

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by scriptaddict » Sun Nov 15, 2020 4:23 am

I've just looked through the recommendations by Simply Secure. I have to say it looks very positive, a major improvement in terms of aesthetic and functionality, though it would surely take some time (30 minutes?) to get used to. I can't wait to see the new version based on it.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0

barbaz
Senior Member
Posts: 9961
Joined: Sat Aug 03, 2013 5:45 pm

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by barbaz » Fri Jan 15, 2021 9:16 pm

It has been more than a year since the last update on this, any news?

Also, I would like to bring up my comments in viewtopic.php?p=100953#p100953 again in light of the following quote from another thread -
Kain Yusanagi wrote:
Fri Jan 15, 2021 2:04 am
Looking over that design document... I *really* dislike that intended change to a non-threatening sad worm. *shudder*
You see, it's not just me: The expression of sadness/disappointment in the proposed new logo is negatively jarring.

Like I said, I don't want to judge the proposed redesign until I've actually taken the time to test-drive it. I don't even want to judge the new logo or its expression of sadness/disappointment at this stage. But I understand better than most people how much this stuff matters. And that understanding makes me suspect Kain Yusanagi's opinion is just the tip of the iceberg.

So, again: If it was a deliberate design choice to make the script snake look sad/disappointed, please explain this design choice. If it was not a deliberate design choice, please seriously consider an emotionally-neutral icon like fatboy suggested above. Thanks.
*Always* check the changelogs BEFORE updating that important software!
-

rlaggren
Posts: 9
Joined: Sat Feb 21, 2015 2:33 am

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by rlaggren » Sat May 15, 2021 7:21 pm

After reading finding an article on this on another site and then a link back to the original proposal, I left comments to the authors. But the "process" is a little unclear so I don't know if my thoughts will make it through. I think a gui face lift is a great idea because although I have used NS for 6 years or so, I still experience some of the confusions referenced in the original design proposal from SimplySecure.

IAC. Much of the ideas and examples made sense, although there were several very strange phrasings in the gui. But what struck me as definitely _not_ good was the use of a check-mark to mean two different things, one of which, specifying the "Allowed" state, has no intrinsic connection to the usual use of the check mark. Normally a check-mark means "ok" or "selected" - and that's all. The proposed gui uses the check-mark for both meanings ("Allowed" and "selected") and this does not seem a good idea. Also, the check-mark has never meant "Allowed" so such usage seems really non-intuitive.

The first image below shows the "select" usage, where elements are selected in a granular fashion.

Image


The second image shows setting the "Allowed" state for scripts.

Image



As a suggestion, perhaps instead of a check-mark to indicate "Allowed", create an icon that looks like a yellow highway warning sign, the diamond shape, with the word "Allowed" in it... A bit of a tight fit, perhaps, but the new gui does offer more space. I think the culture of the yellow warning/alert sign is fairly universal. Perhaps there is some immediately intuitive and elegant way to indicate "Allowed"... Like a stylized open gate? But I'm not a graphics wonk.


Regards,
Rufus
Last edited by rlaggren on Mon May 17, 2021 4:02 pm, edited 7 times in total.
Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0

barbaz
Senior Member
Posts: 9961
Joined: Sat Aug 03, 2013 5:45 pm

Re: Testers Wanted: NoScript UX Overhaul by Simply Secure

Post by barbaz » Sun May 16, 2021 12:46 pm

Split the Google Drive images discussion to viewtopic.php?f=24&t=26332 to keep this thread on topic.
*Always* check the changelogs BEFORE updating that important software!
-

Post Reply