NS preventing Frozen Cookies script from running

[PadaV4]

When i try to execute frozen cookies addon https://raw.github.com/Icehawk78/Frozen ... _loader.js on cookie clicker http://orteil.dashnet.org/cookieclicker/ site, it doesn't work unless you allow scripts globally and uncheck "block every object coming from a site marked as untrusted". Information on what is Frozen cookies here http://cookieclicker.wikia.com/wiki/Fro ... _Add-on%29

i don't think it should be needed to experiment with all of the noscript options, or disabling the noscript addon to get one script to run. And No Sscript gives no message either, made me think firefox or the script itself was broken.

firefox 27 nightly
noscript 2.6.8.3rc2

[Thrawn]

Are there any messages from NoScript in the Browser Console?

[PadaV4]

[NoScript] Blocking nosniff Javascript served from https://raw.github.com/Icehawk78/Frozen ... cookies.js with wrong type info text/plain, inline and included by http://orteil.dashnet.org/cookieclicker/

[Thrawn]

Ah. That shows some bad behavior on the part of the addon, relying on a piece of JavaScript from Github (which someone might be able to maliciously change). Github is correctly telling your browser that this file is just meant to be viewed, not included as part of a web page and automatically executed, but the author apparently decided to use a 'clever' shortcut.

The workaround (if you trust that the Github file will always be safe and tamper-free) is:

• Open a new tab and type about:config in the address bar;
• Search for 'inclusionTypeChecking.exceptions' and double-click on the result;
• Add raw.github.com to the list of sites.