- gmail.com, google.com, googleapis.com and gstatic.com (GMail, Google Maps and other Google services)
- hotmail.com, live.com, microsoft.com, msn.com, passport.com, passport.net, passportimages.net, js.wlxrs.com (Microsoft webmail services)
- yahoo.com, yimg.com, yahooapis.com (Yahoo! Mail)
But these links are no longer in the default whitelist, so I'd like to know why should I accept these scripts since they belong to Google, Yahoo! and Microsoft. I don't use webmail clients but I do use TOR and sometimes I need to submit a captcha to visit some websites (or sing up in sites like this forum). And if these sites are dangerous and insecure, please, remove them from the FAQ.
Thanks for your work!