v 2.6.9.6 introduces:
+ Built-in force HTTPS list, seeded with www.youtube.com
I found this item interesting and have a few questions ...
- do you plan to expand upon the built-in list such that NoScript would be closer to covering the functionality of HTTPS Everywhere?
- why is youtube.com the first domain added to this list?
- is there a way for users to disable the built-in list, if it's functionality is redundant to addons like HTTPS Everywhere?
+ Built-in force HTTPS list, seeded with www.youtube.com
+ Built-in force HTTPS list, seeded with www.youtube.com
Mozilla/5.0 (X11; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0
-
Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: + Built-in force HTTPS list, seeded with www.youtube.com
No, I don't. I'm gonna use it to fix blatant incompatibilities.Thencent wrote: - do you plan to expand upon the built-in list such that NoScript would be closer to covering the functionality of HTTPS Everywhere?
Even more so since the major websites are pushing HSTS, which makes client-side forcing for security reasons progressively redundant.
Because doing so fixed an embedding activation compatibility problem.Thencent wrote: - why is youtube.com the first domain added to this list?
You can just edit it like any other about:config preference: once you set it to a value different than its default (e.g. an empty string), NoScript updates won't change it (until you eventually reset it).Thencent wrote: - is there a way for users to disable the built-in list, if it's functionality is redundant to addons like HTTPS Everywhere?
Mozilla/5.0 (Windows NT 6.3; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0