New https methods requires extra knowledge and config

Bug reports and enhancement requests
Post Reply
maxlevelcoolwinning
Posts: 4
Joined: Tue Nov 21, 2017 1:52 pm

New https methods requires extra knowledge and config

Post by maxlevelcoolwinning »

all of this is erroenus disregard. I leave it here for posterity. see edit

Hi,

I can't seem to add permission rules on this website

http://www.focus-home.com/

I can still add normally on other sites. This URL is different in that it unusually contains a hyphen.

Temporary Allow All works on this URL however.

edit: actually I was coming into the same thing addressed here https://forums.informaction.com/viewtop ... 098#p92098

that's twice I misunderstood the the behaviour of the https lock icon and its associated functions.

originally I thought it was UI indicator I was on a https enabled connection. after that I thought it was a less strict domain matching that Noscript automatically employed upon a click when dealing with a https site, in order the make https sites work, and this was tolerated because https sites were more trustworthy. a behaviour which I could toggle to off to match how Noscript treates non-https sites, if I so chose.

I understand now that the https way is just chosen first and I must toggle it again myself to fix things that don't work. that's kind of sub-optimal I suppose and a step back from a user experience standpoint. that's minor I guess. more importantly it's kind of confusing situation and strikes people as a bug.
Last edited by maxlevelcoolwinning on Sat Nov 25, 2017 1:57 am, edited 2 times in total.
Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Top
barbaz
Senior Member
Posts: 10847
Joined: Sat Aug 03, 2013 5:45 pm

Re: Noscript fails to add single permision on hypenated URL

Post by barbaz »

I notice it is a plain HTTP site. Maybe related to this? - https://forums.informaction.com/viewtop ... 098#p92098
*Always* check the changelogs BEFORE updating that important software!
-
Top
maxlevelcoolwinning
Posts: 4
Joined: Tue Nov 21, 2017 1:52 pm

Re: Noscript fails to add single permision on hypenated URL

Post by maxlevelcoolwinning »

barbaz wrote:I notice it is a plain HTTP site. Maybe related to this? - https://forums.informaction.com/viewtop ... 098#p92098
yes it was that. when I discovered I was wrong, I came back to update the post.

edit: ok it's actually perfectly explained here.
the "lock" icon is actually another toggle button, and dictates how sites are matched: if its locked/green, as suggested by the title ("Match HTTPS only"), only sites served on secured connections will be matched, even if the rule is for a (base) domain and cascades to all its subdomains. This is a convenience to, say, make just "noscript.net" TRUSTED and match also "https://www.noscript.net" and "https://static.noscript.net" but not http:www.noscript.net" neither http:noscript.net".
I was previously working off of this
For HTTPS sites the base domain is selected by default with cascading, while for non-secure sites the default match is the full address.
Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0
Top
Post Reply

Return to “NoScript Development”