InformAction Forums

I noticed a lot of people are confused on the new UI and I figured I'd copy my reply from one of the posts to make it easier to find.

Due to the nature of Firefox's upgraded engine, extensions are limited to the WebExtension API. This limits their ability to manipulate the interface. Thus, many extensions, including NoScript, have to change how their UIs work. Since NoScript's new UI is confusing for some people, here's a basic rundown of how it works:

The icons to the left of a domain determine its permissions. From left to right you have:

• Default - This is the default state, scripts for that domain are blocked.
• Trusted - Scripts for that domain are allowed. Note that when this active, you can control whether or not the permissions are permanent or temporary by clicking the clock on the right side of Trusted. A faded clock means they're permanent. A larger, brighter clock means they'll be reset to Default after a browser restart.
• Untrusted - The opposite of Trusted. Scripts for the domain are explicitly blocked, permanently.
• Custom - Similar to Trusted, though you specify exactly what types of objects are allowed.
• Match HTTPS Only - This seems to be what's confusing people. I think this is how it works: The color of the lock determines whether or not the permissions only apply to to the domain when accessed via HTTPS (Secure). If the lock is green, the permissions only apply if the domain is accessed through HTTPS. If the lock is red, it matches the domain regardless of HTTP or HTTPS with the caveat that it's limited to that exact domain. In other words, if lock is red, the permissions apply to site.net, but not sub.site.net. Additionally, what the lock defaults to is determined by whether or not the domain is accessed through HTTPS or not. For example, google.com is accessible through HTTPS thus its lock defaults to green (there's no reason to access the site via HTTP) and any second-level subdomains are included (IE, *.google.com).

I hope that helps. Feel free to offer corrections if I have something wrong.

Thanks for doing this!

Giorgio, should this be sticky?

Thanks for the explanation. Everything is so much more complicated than before. I no longer seem to have a menu from the NoScript icon listing various domains and their status for the page in question.
Is there a difference between an unlocked red icon and a locked red icon?
In this new gargantuan list of sites with their attributes is there any way to cull the list? Neither left nor right clicks seem to bring up an option.

Many thanks, Clive

See also this detailed interpretation of the interface that also addresses the HTTP/HTTPS feature.

^ Yep, more detailed post. Thanks for the link!

How do I enable a certain script? Previously I could right click and a list of blocked scripts would appear and I could select which I wanted to enable. Now that is gone. Thanks for your help.

confused1 wrote:How do I enable a certain script? Previously I could right click and a list of blocked scripts would appear and I could select which I wanted to enable. Now that is gone. Thanks for your help.

Click the NoScript icon to open the popup, then set the certain script to "Trusted" by clicking the corresponding icon.

Another guide here - https://forums.informaction.com/viewtop ... =7&t=23974