Limit JS by domain
Limit JS by domain
It used to be that you could allow scripts from googleapis.com only on google.com, for example. Now it is no longer possible. If I allow scripts from googleapis.com on any domain they are allowed on all domains. I am curious about the reason noscript was crippled in this way. If I allow scripts from Google in my Gmail, I have to allow Google scripts from everywhere I ever go on the Internet. It almost completely defeats the purpose of noscript.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: Limit JS by domain
Contextual permissions have never been possible in "pure" NoScript, actually, but at a certain point there's been an ABE-based work-around.Jason88 wrote: ↑Fri Apr 02, 2021 4:13 pm It used to be that you could allow scripts from googleapis.com only on google.com, for example. Now it is no longer possible. If I allow scripts from googleapis.com on any domain they are allowed on all domains. I am curious about the reason noscript was crippled in this way. If I allow scripts from Google in my Gmail, I have to allow Google scripts from everywhere I ever go on the Internet. It almost completely defeats the purpose of noscript.
Unfortunately ABE did not survive the Quantum rewrite (NoScript 5.x -> NoScript 10.x).
Anyway true contextual permissions (UI-based) are coming, likely before this summer.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:87.0) Gecko/20100101 Firefox/87.0