Hey Giorgio,
I've made two pull requests on github.com/avian2/noscript:
[PR1] NoScript: RequestPolicy https://github.com/avian2/noscript/pull/9 and
[PR2] NoScript: Horizontal MenuGroups https://github.com/avian2/noscript/pull/10
I'm going to call this [PR1] NoScript+RequestPolicy, because this also blocks access for HTMLs, IMAGEs, STYLESHEETs, if they are cross-toplevel-domain requests.
I also did something which is a matter of taste, this is [PR2] HorizontalMenuGroups, which instead of asking "Allow example.com" and "Temporarily allow example.com" (and a separator), this is just asking "example.com: temporarily, allow".
I do want you to try this. You made this so very easy (using makexpi.sh and a lot of javaScript), so I just want you to do this:
git clone https://github.com/metadings/noscript metadings-noscript
cd metadings-noscript
git checkout master-requestpolicy   # or master-requestpolicy-horizontalmenu for PR2
# You may do now `git show`, to see what I've changed.
./makexpi.sh
# Now run noscript-5.0rc2~pre.xpi in your favorite Mozilla Firefox installation.
What do you think?
[PR1] NoScript: RequestPolicy [PR2] Horizontal MenuGroups
Re: [PR1] NoScript: RequestPolicy [PR2] Horizontal MenuGroup
Your horizontal menu groups PR looks interesting. If you make it optional, +1 from me. There are times when I'd prefer the traditional menu, and there are times when I'd prefer this. For example, your menu would make it a lot easier to deal with those sites that load like every script under the sun.
I have only two minor suggestions for it:
1) At the far left of each row, add an icon indicating that site's current state.
2) There's something weird about the "untrusted" menu items in this new arrangement. When the Untrusted sub-menu is de-selected, but "Mark [...] as Untrusted" *is* selected, the Untrusted menu item should be on the same line as "Temporarily" and "Allow". When the Untrusted sub-menu is selected, the label should be changed to "mark as untrusted".
_________
About your PR1. I reverted it before trying your horizontal menu. NoScript is a security tool, not a privacy tool. There is no security advantage to your proposal. That level of strictness in blocking is why I never used RequestPolicy.
Where I do want such functionality, I much prefer to just use µMatrix. It's designed for the job, more flexible, and much better suited to doing limited request controlling.
*Always* check the changelogs BEFORE updating that important software!
Re: [PR1] NoScript: RequestPolicy [PR2] Horizontal MenuGroup
About PR2:
> 1) At the far left of each row, add an icon indicating that site's current state.
Ya, well this is "untrusted". Everyone.com is "untrusted", you just "allow" them or you "temporarily" allow them.
The "untrusted" menu is now just for google-analytics.com, scorecardresearch.com and so on.
There should be a state "trust" them again, so that they come out again from the "untrusted" menu, without javaScripts...
> 2) There's something weird about the "untrusted" menu items in this new arrangement.
well... I also tried to createElement table, tr, and td, however I do believe I missed a div wrapping around menuFrag and mainFrag, the "things" you appendChild to the mainMenu after the menuseparator `stop` (and also appendChild to the untrustedFrag, the "things" you appendChild to the untrustedMenu).
Yes, I do believe, I'm going to cancel PR2... Just because asking "example.com temporär erlauben" is grammatically correct, however "example.com temporaneamente permetti" is the same garbage as "example.com Temporarily allow"...
__
> About your PR1. I reverted it before trying your horizontal menu. NoScript is a security tool, not a privacy tool. There is no security advantage to your proposal.
Well, I believe that Security comes through Privacy.
If I'm going to someone.com, I don't want them to go to scorecardresearch.com.
They are basically all "untrusted". A second menu for having "untrusted" ones.com, is just hiding them away from me.
I do really not like sitestat.com or the like, which just read a tiny IMAGE or a <link href=on a .png...
> That level of strictness in blocking is why I never used RequestPolicy.
So to say, this is easier than RequestPolicy.
This is a lot easier, because you don't say "someone.com to office356.com".
You just say "allow office356.com".
What do you think?
Re: [PR1] NoScript: RequestPolicy [PR2] Horizontal MenuGroup
So, in a nutshell, you want the ability to block inactive content (HTML, images) for any non-trusted site?
Reminds me somewhat of my attempts at SABER, which I pretty much haven't touched since starting to use uMatrix. The one thing I did manage to implement was the ability to write ABE rules that could refer to your whitelist and temporary whitelist. I suspect that they might not work with current/future NoScript, though.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Re: [PR1] NoScript: RequestPolicy [PR2] Horizontal MenuGroup
metadings wrote:
> About PR2:
> > 1) At the far left of each row, add an icon indicating that site's current state.
> Ya, well this is "untrusted". Everyone.com is "untrusted",
Unless everyone.com is Forbidden (as in, not marked as Untrusted). Or Allowed. Or Temporarily allowed.
metadings wrote:
> There should be a state "trust" them again, so that they come out again from the "untrusted" menu, without javaScripts...
That already exists, if you have the sticky menu. Just Temp-Allow the site, then - without leaving the menu - Forbid the site again.
metadings wrote:
> Well, I believe that Security comes through Privacy.
Only up to a point. Beyond that, it becomes a trade-off. Let's take your example -
metadings wrote:
> If I'm going to someone.com, I don't want them to go to scorecardresearch.com.
Websites can fingerprint you based on what sites you have allowed. When you choose not to let someone.com load the script from scorecardresearch.com, someone.com could notice that and use it to fingerprint you. By having the added security of NOT running the scorecardresearch script you don't trust, you are sacrificing the privacy of being like "most users".
Incidentally, this is why the Tor Project wanted Giorgio to implement cascading permissions mode.
metadings wrote:
> This is a lot easier, because you don't say "someone.com to office356.com".
> You just say "allow office356.com".
> What do you think?
I think this stuff shouldn't meddle with script permissions. Just because I want to see one image from office356.com, doesn't mean I want to run all their active content.
Again, this is best left to a dedicated addon designed for the purpose.
*Always* check the changelogs BEFORE updating that important software!
Re: [PR1] NoScript: RequestPolicy [PR2] Horizontal MenuGroup
> Again, this is best left to a dedicated addon designed for the purpose.
No.
Look, I'm installing people "just" Mozilla Firefox and µblock, if they even care; they usually have "just" Mozilla Firefox and AdBlockPlus.
Now what I want is, if you care: You should use "just" Mozilla Firefox and NoScript.
This runs awesome fast, for about 99% of all websites.
__
> So, in a nutshell, you want the ability to block inactive content (HTML, images) for any non-trusted site?
Yes, exactly. Just Mozilla Firefox and NoScript.
For example, I do want to allow `www.tagesschau.de`. ((implicitly) requesting `karten.tagesschau.de` and `wetter.tagesschau.de`.)
I may allow them to request `ard.de` or `sportschau.de` (but I do NOT want them to request `sitestat.com` or `ioam.de`).
For example, I do want just `computerbase.de`. (NEITHER `amazon-adsystem.com`, or `ssl-images-amazon.com`, NOR `theadex.com`, `himediads.com`, `ioam.de` or `google-analytics.com`.)
For example, I do want to allow `stackoverflow.com`, `sstatic.net`, `ajax.googleapis.com`, maybe `imgur.com`. (but I do NOT want them to request `casalmedia.com`, `quantserve.com`, `adzerk.net`; I do also NOT want them to request two "untrusted" sites, `google-analytics.com` and `scorecardresearch.com`)
For example, I was even forced to allow `themusicfire.com`, just because of a "CloudFlare DDOS protection" which actually runs in javaScript.
Now, I do allow `themusicfire.com`; let them just forward without quickly forbidding - just to see what happens.
I do also allow `ajax.googleapis.com` and `themfire.com` - now the site "just works, perfectly".
I do even want one of the soundtracks. I'm going to allow `bandcamp.com` and `bcbits.com`, now without forbidding <AUDIO>/<VIDEO>, I do have MEDIA playing the soundtrack on my soundcard!
(I do NOT want them to request `directev.com`, `shorte.st`, `yadro.ru`, `onclickads.net`, `adcash.com`, `quantserve.com` or `google-analytics.com`.)
> you are sacrificing the privacy of being like "most users"
No. I just don't want to be "bad" like "stupid" people who don't care about security. (People usually have AdBlockPlus, to "care" about security.)
Look, I don't want NoScript to be just for Scripts, I do want them to BLOCK everything.
(Just because you're doing nsIContentPolicy.)
This is also why I want Giorgio Maone to try `[PR1] NoScript: RequestPolicy`. What do you think?
(Introducing a `crossDomainSites: new PolicySites()`, I would need much more space in mainMenu.
There is no way of asking four times, if I'm going to "Allow", to "Temporarily Allow", to also "Allow Scripts" or "Temporarily Allow Scripts".
What I'd need is "someone.com: [x] temporarily, allow" ...
However, I don't believe in too many buttons or menuitems, just to allow someone.com.
This is sacrificing usability over the (privacy/)security, just not to request another.com. This is why I'd just go with this PR1.)
Re: [PR1] NoScript: RequestPolicy [PR2] Horizontal MenuGroup
metadings wrote:
> Look, I'm installing people "just" Mozilla Firefox and µblock, if they even care; they usually have "just" Mozilla Firefox and AdBlockPlus.
> Now what I want is, if you care: You should use "just" Mozilla Firefox and NoScript.
Care about what?
metadings wrote:
> > you are sacrificing the privacy of being like "most users"
> No.
Skim reading much? -
barbaz wrote:
> Websites can fingerprint you based on what sites you have allowed. When you choose not to let someone.com load the script from scorecardresearch.com, someone.com could notice that and use it to fingerprint you. By having the added security of NOT running the scorecardresearch script you don't trust, you are sacrificing the privacy of being like "most users".
metadings wrote:
> Look, I don't want NoScript to be just for Scripts, I do want them to BLOCK everything.
> (Just because you're doing nsIContentPolicy.)
Look, I want you to help port NoScript to a pure WebExtension.
(Just because you worked with NoScript code for your PRs.)
Seriously, who gives a **** what you or I want? What matters is whether it makes sense.
*Always* check the changelogs BEFORE updating that important software!
Re: [PR1] NoScript: RequestPolicy
> Websites can fingerprint you based on what sites you have allowed.
Well, yes, they MAY do that. This is okay, because I am visiting the website.
> By having the added security of NOT running the scorecardresearch script you don't trust, you are sacrificing the privacy of being like "most users".
By having added security of NOT running sitestat.com's IMAGE, I am "just" going to tagesschau.de.
Unlike "most users" I don't even request the sitestat.com. sitestat.com does NOT **know** that I am on tagesschau.de.
> Look, I want you to help port NoScript to a pure WebExtension.
> (Just because you worked with NoScript code for your PRs.)
This has nothing to do with WebExtensions. I don't believe in WebExtensions, nor would I believe that they are going to cancel XPCOM in November 2017.
(Well, I do believe Mozilla/AMO says "just WebExtensions", or also "no more XPCOM", but they don't "remove" XPCOM from Firefox.)
(I tried to make a WebExtension, this also worked for blocking requests, but I couldn't block redirects. In webRequest.onHeadersReceived, when the redirect was in action, I changed the HTTP statuscode from 307 to 400..., but I couldn't ask or confirm, if you want and where to be redirected.
I also remember that I could block SCRIPTs, but I couldn't block HTML-SCRIPTs, so to say the <script tags embedded in the HTML response.)
> Seriously, who gives a **** what you or I want? What matters is whether it makes sense.
Doesn't it make sense?
> I think this stuff shouldn't meddle with script permissions. Just because I want to see one image from office356.com, doesn't mean I want to run all their active content.
This is true - if there is someone.com untrusted, there should be a state of "trust" again, right before you would "(temporarily) allow" someone.com.
Currently you need to "allow" and then "forbid" someone.com, to get someone.com out of the untrusted menu.
Last edited by metadings on Fri Mar 03, 2017 4:45 pm, edited 3 times in total.
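The cross-top-level-domain filter that PR1 describes in the opening post (framed HTML, images and stylesheets blocked unless the destination site is allowed, scripts left to NoScript's own policy), written against the WebExtension webRequest API that the post above mentions, as an added example that is neither NoScript's nor the PR's own code. The registrable-domain helper, its two-entry suffix table, the sample policy and the sample requests are constructed assumptions; `onBeforeRequest`, `documentUrl` and `originUrl` are the real Firefox webRequest names.

```javascript
// Added example (not NoScript's or the PR's code): block passive cross-site loads
// (frames, images, stylesheets) unless the destination site is explicitly allowed.
// Sites are compared as registrable domains (eTLD+1), so www.tagesschau.de and
// karten.tagesschau.de count as the same site.

// Assumption: a two-entry stand-in for the public-suffix list; a real filter
// needs the full list, otherwise example.co.uk collapses to "co.uk".
const KNOWN_SUFFIXES = new Set(["co.uk", "com.au"]);

function registrableDomain(hostname) {
  const labels = hostname.toLowerCase().replace(/\.$/, "").split(".");
  if (labels.length <= 2) return labels.join(".");
  const keep = KNOWN_SUFFIXES.has(labels.slice(-2).join(".")) ? 3 : 2;
  return labels.slice(-keep).join(".");
}

// Resource kinds covered by the PR1 idea. Top-level navigations are not
// included: a link click to another site is not a cross-site resource load.
const PASSIVE_TYPES = new Set(["sub_frame", "image", "stylesheet"]);

// policy.allowed: sites the user (temporarily) allowed; policy.untrusted: sites
// blocked for every resource type. Returns a webRequest BlockingResponse:
// {cancel: true} blocks the request, {} lets it through.
function decideRequest(details, policy) {
  const target = registrableDomain(new URL(details.url).hostname);
  if (policy.untrusted.has(target)) return { cancel: true };
  if (!PASSIVE_TYPES.has(details.type)) return {}; // scripts etc.: not this filter's job
  const doc = details.documentUrl || details.originUrl;
  const origin = doc ? registrableDomain(new URL(doc).hostname) : null;
  if (origin !== null && origin === target) return {}; // same site as the page
  return policy.allowed.has(target) ? {} : { cancel: true };
}

// Constructed sample policy, modelled on the tagesschau.de example in the thread.
const POLICY = {
  allowed: new Set(["ard.de", "sportschau.de"]),
  untrusted: new Set(["google-analytics.com", "scorecardresearch.com"]),
};

// In a Firefox extension each redirect hop arrives as a fresh onBeforeRequest
// event (same requestId, new url), so a redirect into a blocked site is
// cancelled at that hop without rewriting status codes in onHeadersReceived.
if (typeof browser !== "undefined" && browser.webRequest) {
  browser.webRequest.onBeforeRequest.addListener(
    (details) => decideRequest(details, POLICY),
    { urls: ["<all_urls>"] },
    ["blocking"]
  );
}
```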
Re: [PR1] NoScript: RequestPolicy
metadings wrote:
> By having added security of NOT running sitestat.com's IMAGE,
Wait, wait, aren't you missing something there? Like, if blocking cross-site images added security, that NoScript would be doing it already?
NoScript has protections against cross-site security threats. Cross-site XHR controls, cross-site frame controls, protection against cross-site scripting, cross-site request forgery, cross-site resource abuse, cross-site etc etc. In fact, NoScript has always been ahead of the game on cross-site protections. And Giorgio is very well versed in this security stuff.
It is in no one's interest to deliberately ignore a security problem in a default-deny type addon like NoScript.
metadings wrote:
> This has nothing to do with WebExtensions.
Well, it has as much to do with WebExtensions as NoScript's use of nsIContentPolicy has to do with blocking images.
metadings wrote:
> Doesn't it make sense?
No. You are insisting on conflating security and privacy in a 'This club requires jackets. I'm wearing a shirt, they should let me in' type way.
BTW, ignoring the questions posed to you is unproductive -
barbaz wrote:
> metadings wrote:
> > Look, I'm installing people "just" Mozilla Firefox and µblock, if they even care; they usually have "just" Mozilla Firefox and AdBlockPlus.
> > Now what I want is, if you care: You should use "just" Mozilla Firefox and NoScript.
> Care about what?
*Always* check the changelogs BEFORE updating that important software!