[Resolved]RequestPolicy with NoScript can be confusing

[IMB4U]

EDIT: PLEASE DISREGARD THIS POST OF MINE...Problem is solved!

RE: Request Policy scripts vs identical NoScript scripts

I keep seeing people use Request Policy and I've included mentioning in my threads posted in the Avast forums previously that I would really like to use Request Policy, tried it 3 times, and gave up very quickly each time. I just recently tried it a 4th time, and, again...shortly after trying it, I ran into a problem with NoScript allowing the exact same things that Request Policy was blocking (or vice versa?), so I gave up once more; plus I couldn't understand why I would need to devote time adjusting two different extensions for the very same items.

QUESTION:
Since I don't understand its use but realize it is a security extension, what do I do when both extensions list the exact same items but conflict with allowing/blocking privileges? I assume it will take time for the Request Policy to allow my own personal adjustments with it, but if I'm to simply verify what NoScript is showing first before making Request Policy match, then why do I need Request Policy? It is supposed to be different than NoScript, and this is very confusing "to me". Any suggestions?



EDIT: PLEASE DISREGARD THIS POST OF MINE...Problem is solved:
I just got done reviewing "Request Policy", again, and I've changed my mind...I do NOT want it.
So please forgive me for taking up space here and/or perhaps even wasting anyone's time. I'm sorry!

[GµårÐïåñ]

I personally use NoScript as my first line of defense, RequestPolicy as my supplemental or second line of defense, and Adblock Plus for any little thing that might be left over that is neither script nor source/destination or simply custom item that I want to block per preference and not because its harmful. It CAN and often IS quite a bit of a pain to play with all of them at the same time and it takes some getting used to. You are specially going to feel the pain when dealing with NEW sites but the sites you visit often and have reached the perfect balance tend to continue to work just fine and without much hassle anymore and completely secure (site itself not withstanding).

If you are a proactive security minded person, I recommend you get used to it, learn it and you will find that pretty quickly you will have a hang of it, especially if you don't take the easy way out and go for too wide of a comfort range and up nullifying its effect (such temp allow by default and all that) but you are not and want the easy passive security its not going to be easy for you and NoScript is a definite must if you are going to compromise on anything. If you have questions, you can post them here and I will try to answer or you can PM me and I will do my best to help you with it, but its best if learned by doing and trial and error and field testing. Although I would stay away from ordering anything or transactions that need payments until you figure it out as the reloading that often occurs when you allow something could end up double posting a lot of things or make them fail completely. So get it stabilized and figured our before venturing into something like that.

[Tom T.]

@ IMB4U:

In a nutshell, NoScript blocks *executable content*, even *from the same page you are on*.
RP blocks all *calls to other sources* regardless of whether executable. For example, it will block a still image called from another source, which NS would not.

There is no conflict.
There is no direct connection between the permissions of each.
If you allow site.com in NS, it will be disallowed in RP *if you are anywhere else*, though it will not be affected by RP *if you are at site.com*.

RP adds a great deal of privacy and ad-blocking, to the point that I don't even need ad-blocking software. Haven't seen an ad in years, which is easier than bothering with filters, subscription lists, etc. IMHO. YMMV.

It also adds another layer of protection against certain types of cross-site attacks.

https://www.requestpolicy.com/privacy
https://www.requestpolicy.com/security and

RequestPolicy is not a replacement for NoScript! Each focuses on different, important issues. For the best security, we recommend using both RequestPolicy and NoScript. More information on the difference between the two is available here:

https://www.requestpolicy.com/faq#faq-noscript

I share your dismay that the Internet has become too dangerous to use without special protective tools, and a bit of inconvenience. But then, if the whole world were honest, we wouldn't need to carry key rings full of keys to all those locks we have, would we?

In any event, ignoring the issue won't make it go away -- quite the opposite -- and both sites, RP's and this one, are available for assistance.