Is there a way to allow scripts to run on all subdomains of a site but only when sent over https? In other words is there a way to whitelist https://*.google.com ?
The "Forbid active web content unless it comes from a secure (HTTPS) connection" option is not what I am looking for because I still want to allow other http sites to run scripts.
The "Force the following sites to use secure (HTTPS) connections" option is also not what I am looking for because I still want http://*.google.com to be allowed to load but not allowed to run scripts. This option can also break OCSP when https://www.google.com is loaded OCSP queries http://clients1.google.com/ocsp which NoScript converts to https causing another OCSP query resulting in an infinite loop.
Thanks in advance for any suggestions.
Whitelisting subdomains for https connections only
Whitelisting subdomains for https connections only
Last edited by barbaz on Tue Dec 20, 2016 4:11 pm, edited 1 time in total.
Reason: kill board-generated links
Reason: kill board-generated links
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Re: Whitelisting subdomains for https connections only
google.com in whitelist
(On a sample viewtopic.php?p=77597#p77597)
Code: Select all
Site ^http://[^/]+\.google\.com #for subdomains, not http://google.com
# or Site ^http://([^/]+\.)?google\.com #subdomains or http://google.com
Deny INC(SCRIPT)
Sandbox
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 SM/2.38 NS/2.9.0.12
Re: Whitelisting subdomains for https connections only
@fatboy: When a site is forbidden in NoScript, it's not just JS that's blocked. The "OBJ, FONT, XHR, MEDIA" in the sample is there to emulate *all* of NoScript's active content blocking. (see NoScript Options > Embeddings, and noscript.forbidXHR)
*Always* check the changelogs BEFORE updating that important software!
-
Re: Whitelisting subdomains for https connections only
@fatboy I have tried modifying the ABE rules as you have suggested, but it seems that scripts (and other active content) are still able to run on the http versions.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Re: Whitelisting subdomains for https connections only
*Always* check the changelogs BEFORE updating that important software!
-
Re: Whitelisting subdomains for https connections only
Unlocking.
t9k, please upgrade NoScript to latest development build 2.9.5.3rc2 and then retry fatboy's suggestion.
t9k, please upgrade NoScript to latest development build 2.9.5.3rc2 and then retry fatboy's suggestion.
*Always* check the changelogs BEFORE updating that important software!
-