Just came across decentraleyes, but it requires "file://"
Just came across decentraleyes, but it requires "file://"
I just came across an interesting add-on called decentraleyes https://addons.mozilla.org/en-US/firefo ... ntraleyes/ that intercepts some javascript queries. It seems to know and respect other blockers, including NoScript. Also, it seems that it requires a permanent whitelist on "file://", or else it will not work. What are the ramifications of whitelisting "file://" to always run javascript? I have only used it a few times, and figued it would be better to leave it as a temporary allow rather than a permanent allow.
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0
Re: Just came across decentraleyes, but it requires "file://
Do you trust your own filesystem? If not, you may have a much bigger problem than Javascript permissions for one addon!
That said, some people do download spam/malware webpages and analyse them locally in their web browser. If that describes you, it's fair to not want to whitelist "file://". In which case, your best bet would be to set up NoScript surrogate script for the JS you want to run local replacements. For example, to do this for jQuery -
1) Download jQuery from its official site - https://code.jquery.com/
2) Drag the downloaded file into the browser window, and copy the file: URL in the address bar
3) Go to about:config
4) Right-click > New > String
name: noscript.surrogate.jquery.replacement
for value, paste in the file: URL
5) right-click > New > String
name: noscript.surrogate.jquery.sources
value:
That will make your downloaded jquery replace *all* blocked jquery. If, for example, you only want to replace googleapis jquery, you could try this value -
6) Test it: Go to a site with jquery loaded from a third-party CDN, then Forbid the domain it's served from. If it doesn't work, and if the file: URL has any spaces, replace each space with "%20" (without quotes) and try again.
Does this help?
That said, some people do download spam/malware webpages and analyse them locally in their web browser. If that describes you, it's fair to not want to whitelist "file://". In which case, your best bet would be to set up NoScript surrogate script for the JS you want to run local replacements. For example, to do this for jQuery -
1) Download jQuery from its official site - https://code.jquery.com/
2) Drag the downloaded file into the browser window, and copy the file: URL in the address bar
3) Go to about:config
4) Right-click > New > String
name: noscript.surrogate.jquery.replacement
for value, paste in the file: URL
5) right-click > New > String
name: noscript.surrogate.jquery.sources
value:
Code: Select all
^https?://.+/jquery.*\.js
Code: Select all
.googleapis.com/*/jquery.min.js*
Does this help?
*Always* check the changelogs BEFORE updating that important software!
-