Per
NS Options > Appearance,
http://www.noscript.net is a "Full Address", because it includes a protocol for addressing and replying. (HTTP, HTTPS, FTP, gopher, socks, etc.)
It does seem to be called "Site" in that config option.
www.noscript.net is a "Full Domain", containing the total domain name less the protocol.
You are correct that .com, .net, .org, etc. are Top-Level Domains.
Hence
noscript.net is indeed a Second-Level Domain.
news.yahoo.com is a Third-Level Domain.
(This is useful because I use Yahoo Mail, and therefore must allow
mail.yahoo.com. but prefer to forbid
www dot yahoo.com)
There are fourth- and fifth-level domains -- every new term to the *left* of the previous left-most dot -- but I can't think of any offhand. You can probably find some.
noscript.docShellJSBlocking:
0 - no docShell JS blocking
1 - (default) docShell JS blocking for untrusted sites (enables
effective blacklists for defalut-deny modes)
2 - docShell JS blocking for every non-whitelisted site (enables
cross-frame inheritance of JS blocking)
What's docShell JS and why is that pref set to 1 even when I have "Forbid Frames" and "Apply these restrictions to trusted sites" checkboxes ticked in NoScript's UI ?
What it is would probably only complicate the discussion more, but why it defaults to 1 instead of 2 is a very good question. If I don't whitelist a site, certainly I don't want to whitelist JS in frames from or to it. I'll ask Giorgio, but in the meantime, I'm going to set mine to 2 and see if anything breaks.
noscript.untrustedGranularity:
+ Whitelisting sites from NoScript Options|Whitelist obeys to the
noscript.untrustedGranularity preference
But it doesn't say what the different values are for.
It's "probably" whether to match Untrusted by 2nd level domain, 3rd, full, etc. as discussed above, because you may configure Appearance to show only Base 2nd Leve Domains, yet blacklist a third-level domain, either manually or when Appearance was set differently. But I don't like "probably", so I'll ask Giorgio to clarify that also, and what the numbers mean.
Finally, what's the difference between the noscript.filterXExceptions string and all the prefs under noscript.filterXExceptions.* ? Assuming I set the string to "", should I also set all following booleans to false ?
I did, because I don't use those sites. Two seem to have escaped: ebay and medicare, perhaps added since I last went through about:config. I toggled those to false, also.
Giorgio must have a list of what all prefs do somewhere. Has he considered making it public ? He does (or did) explain what prefs do when he introduces them, but that info seems to vanish over time.
There was a fairly extensive list in
this topic, but yours don't seem to have been included. (Else your search would have found them.) Excellent idea.
@ Giorgio: RFE: A new page in noscript,net, something like
noscript.net/aboutconfigprefs, where all such configurable prefs, and a simple explanation of the meaning of each possible value, are listed, preferably in alphabetical order. I realize this may take quite a bit of time, but surely it would be a valued resource to many.