Three Enhancement Suggestions

[Entangled]

1. Put the domain that's loaded in the browser window at the top of the allow/forbid menu list, making it quicker to find and enable. Another useful sorting would be to put all widget (iframe) domains at the bottom, making it easier to enable all JS for the page itself, e.g. CDN domains. There could also be a "Enable main window scripts" menu item that would allow all non-frame scripts to run.
2. Each domain in the allow/forbid menu list should have a clickable link to that website so one can easily visit a site to find out what it does, instead of having to remember the domain, and type it in the browser address field. Some sort of community-created popup text for each domain that explained what it does would also be helpful.
3. As detailed here, a mode that allows all scripts from a domain to run except periodic timers (or interval timers started by timer events), which would allow a site to be usable, but block distracting content animations that weren't triggered by a user event.

[Tom T.]

1. Put the domain that's loaded in the browser window at the top of the allow/forbid menu list, making it quicker to find and enable. Another useful sorting would be to put all widget (iframe) domains at the bottom, making it easier to enable all JS for the page itself, e.g. CDN domains. There could also be a "Enable main window scripts" menu item that would allow all non-frame scripts to run.

Gut reaction is that that would complicate the NoScript coding greatly, especially since the menu items change so frequently, with some scripts calling to other scripts and objects, etc.

If these are ones you are likely to visit more than once, then FAQ: Using ABE for per-site script permissions gives a way to automate those permissions.

And If you have checked Embeddings page to block all frames and iframes, they already show up in a separate menu entry, under "Blocked Objects." Mission accomplished.

[*] Each domain in the allow/forbid menu list should have a clickable link to that website so one can easily visit a site to find out what it does, instead of having to remember the domain, and type it in the browser address field.

FAQ 1.11.
Forum Rules #1 asks users to search the FAQ before posting, thank you very much.
And suppose the site is evil? Do you really want to go there directly, rather than to the ratings sites provided per the above FAQ?

Some sort of community-created popup text for each domain that explained what it does would also be helpful.

There are only about a billion web pages on the planet, with new ones added each second. At the top of this and the other two main NoScript forums are sticky posts giving that information for more than a hundred of the most commonly-seen ones. Since you are part of "the community", if you want to start on the remainder, by all means, please do so. Our permission is not required, so long as it's not claimed to be created or endorsed by us.

ETA:

instead of having to remember the domain, and type it in the browser address field.

Here, GMTA (great minds think alike). But I beat you to it.

[*] As detailed here, a mode that allows all scripts from a domain to run except periodic timers (or interval timers started by timer events), which would allow a site to be usable, but block distracting content animations that weren't triggered by a user event.[/list]

about:config
image.animation_mode set value to none.
browser.blink_allowed Double-click to toggle value to false.

[therube]

Another useful sorting would be to put all widget (iframe) domains at the bottom, making it easier to enable all JS for the page itself, e.g. CDN domains.

I don't know what a "widget" is, but often there is the need to allow *cdn.
And if the *cdn* were grouped next to the primary domain, that would make easier to locate.

[Tom T.]

I don't know what a "widget" is, but often there is the need to allow *cdn.
And if the *cdn* were grouped next to the primary domain, that would make easier to locate.

But possibly difficult to implement. Or impossible, in some cases.

Consider Facebook. Its script is simple enough. Facebook.com.
But its cdn is *not* Facebookcdn.com, but rather, fbcdn.net.

Different TLD. Different 2nd-LD.No www versus the main site. How is NoScript to know, with certainty, that this in fact belongs to FB?

I don't wish to go searching for sites that attempt to load more than one *.cdn, but if some exist, how is NS to differentiate among them, and choose the right one?

I suppose all cdn's could be grouped together by a regexp in NS matching "cdn".

But Wikipedia, for "cdn", gives not only an abbreviation for Canada and the Chinese Daily News , but a very common tech usage and a feature of some web sites,
"Change detection and notification".
You can subscribe to these, and be notified whenever a page has changed, without the frequent b/g connection (and some security issues) of RSS feeds.

I wouldn't be surprised to see a script from such source have "cdn" in it.

In any event, just exactly how hard is it to do this with one's eyes? i just went to FB, all scripts blocked, and indeed, fbcdn.net was listed immediately below facebook.com.

Then you have those that use "static" instead of "cdn". Google > gstatic. Others: static-somesite.com, and other variations.

Also, NS is used in other languages. So it needs to capture the equivalent of cdn in Cyrillic, Greek, Farsi, Hebrew, Arabic, and various Asian languages also.

I know, you've long since stopped reading...