online.tivo.com Streaming/ABE Default Rule

[Jen]

In the FAQs, there are several examples of ABE rule exceptions available, e.g. for google and mlb.tv. It might be helpful to add one for TiVo's newly-launched online streaming as it was blocking my feed even after I allowed local scripts. The new TiVo function allows users to stream content from their TiVo DVRs to local devices.

In NoScript options, Advanced, ABE, SYSTEM, I replaced this default rule:

# Prevent Internet sites from requesting LAN resources.
Site LOCAL
Accept from LOCAL
Deny

with this rule:

# Prevent Internet sites from requesting LAN resources.
Site LOCAL
Accept from LOCAL
Site online.tivo.com
Accept from online.tivo.com
Deny

I'd never heard of ABE before I started troubleshooting today and it was driving me crazy!!! It makes sense now that I found the original rule and understand that it was keeping outside sources from accessing my LAN. I don't know if my rule syntax is proper but it works...

Jen

[barbaz]

Moving to ABE.

I doubt that is the best rule for this scenario. Exceptions to the default rule always go above it.
Your rule protects online.tivo.com instead of LOCAL.

Construct ABE rules by looking at the message(s) in the Browser Console (Ctrl-Shift-J) that start with "[ABE]", then add an exception for that specific thing. In general, the ruleset with the exception will look something like this:

Code: Select all

Site http://localsi.te:8080/*
Accept from externaldom.ain

# Prevent Internet sites from requesting LAN resources.
Site LOCAL
Accept from LOCAL
Deny

If you need help feel free to post the message here and we will try to come up with something.
Please let us know what works for you.

[Thrawn]

The original rule would probably work if you remove the second Site declaration:

Code: Select all

Site LOCAL
Accept from LOCAL
Accept from online.tivo.com
Deny

Or simply:

Code: Select all

Site LOCAL
Accept from LOCAL online.tivo.com
Deny

[Jen]

Thank you both! It took me a while to make it work and I figured it wasn't an elegant approach. I had trouble understanding how to combine two rules. It would be great if there was a multi-rule example in the FAQ instead of just specific commands for individual sites. When I followed the instructions to put the new rule at the top it didn't work.

I trimmed it to what's below as was suggested. If there's a better/more secure way I'm up for suggestions.

# Prevent Internet sites from requesting LAN resources; Tivo OK.
Site LOCAL
Accept from LOCAL
Accept from online.tivo.com
Deny

Thanks again.
Jen

[barbaz]

The better way would be to reset the rule to default, open the Browser Console (Ctrl-Shift-J) and see exactly which local address it is that's being accessed, and at least limit the LOCAL access to that specific address like so:

Code: Select all

# Tivo exception
Site <ip-address-or-domain>
Accept from online.tivo.com

# Prevent Internet sites from requesting LAN resources.
Site LOCAL
Accept from LOCAL
Deny

Where you would replace <ip-address-or-domain> with the IP address or domain that ABE is blocking from access.
You could make it even more fine-grained by including the protocol and port as well:
http://<ip-address-or-domain>:port/*
Or, if you don't want to be quite that picky, just the port:
<ip-address-or-domain>:port

(omit the port if one isn't shown in the browser console)

EDIT If it's multiple LOCAL addresses, you need to put them all on the first Site line separated by a single space.