NS10 Surrogates
Posted: Sat Mar 03, 2018 4:23 pm
-Not seeing anything for noscript.surrogate in about:config in NS10 (10.1.6.5), which, if I'm not mistaken, must mean that surrogates have not yet been ported over from NS5. If this is the case, and if it is possible to use surrogates with WE, are there are any plans for this?
-Another thing: just to be sure how surrogates work, at least in NS5, which I still use with the esr, if I allow addthis, for example, does this mean that the addthis surrogate is then being employed, or is not necessary to allow that script, as NS automatically employs the surrogate? In other words, is it necessary for the script to be allowed before its surrogate is enabled, or does allowing it defeat the use of the surrogate?
-Further, I am also using Ghostery, which often flags addthis. Once the addthis surrogate is employed--whichever way that is--do you know if it is also necessary to unblock it in Ghostery? I'm asking this in particular for https://forecast.weather.gov, where in order to change from one forecast location to another, I've found it necessary to allow addthis, among other things, which I'm not particularly happy about, since addthis is noted for employing canvas fingerprinting.
EDIT: upon further testing doesn't appear necessary to allow adthis at weather.gov in order to change forecast location. But would still like to know how these surrogates are supposed to work.
However, does seem necessary to allow WebGL@https://forecast.weather.gov. Please explain what is supposed to make a site which employs WebGL suspect? Think it's also related to canvas fingerprinting. I would assume that for a site such as weather.gov, it isn't necessarily something malevolent.
-Another thing: just to be sure how surrogates work, at least in NS5, which I still use with the esr, if I allow addthis, for example, does this mean that the addthis surrogate is then being employed, or is not necessary to allow that script, as NS automatically employs the surrogate? In other words, is it necessary for the script to be allowed before its surrogate is enabled, or does allowing it defeat the use of the surrogate?
-Further, I am also using Ghostery, which often flags addthis. Once the addthis surrogate is employed--whichever way that is--do you know if it is also necessary to unblock it in Ghostery? I'm asking this in particular for https://forecast.weather.gov, where in order to change from one forecast location to another, I've found it necessary to allow addthis, among other things, which I'm not particularly happy about, since addthis is noted for employing canvas fingerprinting.
EDIT: upon further testing doesn't appear necessary to allow adthis at weather.gov in order to change forecast location. But would still like to know how these surrogates are supposed to work.
However, does seem necessary to allow WebGL@https://forecast.weather.gov. Please explain what is supposed to make a site which employs WebGL suspect? Think it's also related to canvas fingerprinting. I would assume that for a site such as weather.gov, it isn't necessarily something malevolent.