I have a crazy(ish) idea about retaining some functionality of websites without whitelisting, and I guess I'm not the first. Do you know of a humanly feasible way not to whitelist the entire site, but merely replace their JavaScript with one provided from user-side? I'm talking about something similar to the surrogate technology Mister Giorgio had built into NS for google-analytics and similar trackers.
I'll explain with an actual example, so please bear with me. I frequent userstyles.org, place dedicated to changing how websites appear. In order to use it, one needs to whitelist userstyles.org. But I don't feel comfortable whitelisting a http-only website with primarily user-generated content. (They are also slow at applying software updates, security-fix releases!) I have checked their JS file (http://cdn.userstyles.org/javascripts/script.js) and it appears fine (with the excess of lightbox and such
).Now, do you fine fellas know how to keep the site blocked in NS, but have it execute that JS file from my own hard-drive or other online source one can control? The only two ways I could figure out were... stopped... by NS. First idea was to use a local proxy to serve my own file and let Firefox think it fetched the real deal. Unfortunately, it fails if NoScript blocks scripts. Second idea was to use Greasemonkey / Scriptish and copy the relevant parts of JS there. That mostly works, but functionality is still too limited to install styles. Non-surprisingly, third and traditional way of executing external JS files (by embedding a script element to the page) is also blocked by NS.
I am hoping some of you have actually tried similar setups, or have an idea as to what would be the best way to accomplish it.
Eagerly awaiting your responses and input. Thank you for your time
Edit: fixed an error.
