RFE: Make 'cross-site JavaScript' message less confusing

Bug reports and enhancement requests
Post Reply
User avatar
Thrawn
Master Bug Buster
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:
Contact Thrawn

RFE: Make 'cross-site JavaScript' message less confusing

Post by Thrawn »

Many people who come across the cross-site inclusion filter - including therube - have, quite understandably, thought that
Blocking cross-site JavaScript served from...
was a reference to the XSS filter. Which leads them on a wild-goose chase, and might even cause them to mistakenly write unsafe XSS filter exceptions (regex is hard to get right).

Maybe this message could be changed to something like:
Blocking third-party JavaScript served from...
As an extra, is it feasible to add the cross-site inclusion filter exceptions to Options-Advanced, maybe sharing the ClearClick tab?
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:29.0) Gecko/20100101 Firefox/29.0
Top
barbaz
Senior Member
Posts: 11092
Joined: Sat Aug 03, 2013 5:45 pm

Re: RFE: Make 'cross-site JavaScript' message less confusing

Post by barbaz »

Thrawn wrote:As an extra, is it feasible to add the cross-site inclusion filter exceptions to Options-Advanced
http://forums.informaction.com/viewtopi ... 10&t=19548
Thrawn wrote:maybe sharing the ClearClick tab?
Without also renaming that tab, would be confusing because AFAIK inclusion type checking has nothing to do with ClearClick.
*Always* check the changelogs BEFORE updating that important software!
Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20140427 Firefox/24.0 PaleMoon/24.5.0
Top
Post Reply

Return to “NoScript Development”