Requesting domain script control
Posted: Mon Mar 29, 2021 5:20 am
NoScript is a precious resource and I'm so glad that the developer has continued to produce, evolve and improve it.
The one feature that would be a great addition for me would be a way to block based on requesting domain. Especially for giant, ubiquitous and privacy shredding script-hosting domains like "google.com".
For example, my regional government has websites that access and process very sensitive data on individual citizens, yet some of those require you to solve a Google captcha before you can use them. If I am not in a position to convince the government to stop this annoying practice, I'd like to at least minimize its "spillover" impact on everything else I do on the web. Not allowing "google.com" by default in NS is a start, but then I am forced to continually approve requests that do not conveniently restrict themselves to a specific Google subdomain like "docs.google.com" (This includes their captcha, btw), and then turn around and revoke those temporary permissions each time. (If I don't forget)
I used to use a Firefox extension called "Request Policy", but I cannot find something like this for Chromium-based browsers. And this functionality would be far more useful if it can be a parameter on a NS rule, like "disable JS for google.com by default, but allow requests originating from UsefulDomain.com".
Thanks for your interest!
The one feature that would be a great addition for me would be a way to block based on requesting domain. Especially for giant, ubiquitous and privacy shredding script-hosting domains like "google.com".
For example, my regional government has websites that access and process very sensitive data on individual citizens, yet some of those require you to solve a Google captcha before you can use them. If I am not in a position to convince the government to stop this annoying practice, I'd like to at least minimize its "spillover" impact on everything else I do on the web. Not allowing "google.com" by default in NS is a start, but then I am forced to continually approve requests that do not conveniently restrict themselves to a specific Google subdomain like "docs.google.com" (This includes their captcha, btw), and then turn around and revoke those temporary permissions each time. (If I don't forget)
I used to use a Firefox extension called "Request Policy", but I cannot find something like this for Chromium-based browsers. And this functionality would be far more useful if it can be a parameter on a NS rule, like "disable JS for google.com by default, but allow requests originating from UsefulDomain.com".
Thanks for your interest!