Since about:reader isn't on the default NoScript whitelist, and it's unclear what elements of the original page the reader is filtering, is about:reader safe to whitelist?
Are any of the original page's scripts being loaded in the about:reader view or is it purely sanitized text?
Is about:reader harmless to whitelist?
-
SquirrelTwo
Is about:reader harmless to whitelist?
Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:42.0) Gecko/20100101 Firefox/42.0
-
Giorgio Maone
- Site Admin
- Posts: 9546
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: Is about:reader harmless to whitelist?
I refused to whitelist about:reader because I don't trust any sanitizers.
Whitelisting about:reader, in the presence of a sanitizer bug, would basically mean whitelisting every origin.
Whitelisting about:reader, in the presence of a sanitizer bug, would basically mean whitelisting every origin.
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
-
SquirrelTwo
Re: Is about:reader harmless to whitelist?
That's what I figured. If the base sites aren't allowed however enabling about:reader should be fine though, correct?Giorgio Maone wrote:I refused to whitelist about:reader because I don't trust any sanitizers.
Whitelisting about:reader, in the presence of a sanitizer bug, would basically mean whitelisting every origin.
Or is the reader allowing part of the origin site to run through it when allowed (at least potentially)?
Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:42.0) Gecko/20100101 Firefox/42.0