go to about:config
remove resource: from noscript.mandatory
add resource:// and resource://gre to noscript.untrusted
And don't forget to remove the equal preferences under noscript.mandatory
Both, resource:// and resource://gre are necessary to block all stuff from browserleak test site.
go to about:config
remove resource: from noscript.mandatory
add resource:// and resource://gre to noscript.untrusted
And don't forget to remove the equal preferences under noscript.mandatory
... And enjoy your broken browser. Don't do this "fix", those things are required to be whitelisted in NoScript for the browser work properly. FAQ 1.5
Thanks for the link though, I'm going to look into that resource: URI addon and what it's doing. https://addons.mozilla.org/addon/no-resource-uri-leak/
EDIT I've installed it now, it works with SeaMonkey. There is also a Pale Moon version, it's linked in the description on AMO.
*Always* check the changelogs BEFORE updating that important software!
The NoScript procedure will indeterminately block active content from resource: URIs regardless of origin, and does nothing about non-active-content (like images and such). It's basically only useful against the one specific PoC.
No Resource URI Leak blocks ANY access to resource: URIs not from specified location (by default this list is chrome:, resource:, view-source:, and various about: URIs). Safe and effective.
*Always* check the changelogs BEFORE updating that important software!
I've just realised that the No Resource URI Leak addon blocks NoScript's placeholder icons. Since that addon is patching a bug that could be fixed in the browser, this doesn't look good for the future of placeholder icons in the current state...
Can the placeholder icon problem please be fixed in NoScript?
*Always* check the changelogs BEFORE updating that important software!
It blocks much more stuff in Gecko 49... even including dropdown markers, and, it also makes NoScript's placeholders a completely blank yellow box.
The dropdown markers can be fixed by adding "gre-resources" to the debug whitelist, but as NoScript's resource: URIs are random it is impossible to fix that problem without patching the addon code.
*Always* check the changelogs BEFORE updating that important software!
What he says is that it's only information about the browser itself that's being revealed this way. As far as whether that counts as exposing user data, unlikely for typical users but across the board is another game. See, 'Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20160905 SeaMonkey/2.46pre' is a whole lot more unique than e.g. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7' isn't it?
*Always* check the changelogs BEFORE updating that important software!