I Give Up - It's Too Complicated
I Give Up - It's Too Complicated
I give up on my third try to use noscript. It breaks everything and the interface is just plain horrible. I'm never sure what is blocked on what site. The convention of showing the reverse of the current state is idiotic. When something is blocked, the interface shows the inverse (when XXX is marked as untrusted, the interface shows "Mark XXX as untrusted.") The red circle with slash implies that it isn't blocked but you have to click to block. Everything is telling you that it isn't blocked when it is. Red should be clocked. Period. Instead the color coding is confusing.
I've done interface design work for many corporations for many years and have seldom seen anything worse than noscript.
I've done interface design work for many corporations for many years and have seldom seen anything worse than noscript.
Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Re: I Give Up - It's Too Complicated
Thank you for sharing your opinion. I am not certain on this but I think NoScript 3.x either has or will have a permssions menu that's more the style you'd like...
Just a suggestion, if you don't like it maybe you can try Scripts Globally Allowed mode so that you don't have to deal with the part of the interface you dislike?
Just a suggestion, if you don't like it maybe you can try Scripts Globally Allowed mode so that you don't have to deal with the part of the interface you dislike?
*Always* check the changelogs BEFORE updating that important software!
-
Re: I Give Up - It's Too Complicated
So...you want the icon to represent an action, and the menu items to represent statuses, rather than the other way around?
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0
Re: I Give Up - It's Too Complicated
Barbaz, why do you suggest Globally Allow as opposed to just disabling NoScript?
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Re: I Give Up - It's Too Complicated
viewtopic.php?p=84377#p84377Odin99 wrote:Barbaz, why do you suggest Globally Allow as opposed to just disabling NoScript?
*Always* check the changelogs BEFORE updating that important software!
-
Re: I Give Up - It's Too Complicated
Just wanted to bring this point back up in light of comments about NoScript 10 new interface. People are seeing the green lock and red unlock and interpreting those as permissions, not as HTTPS vs HTTP.arnier wrote:Everything is telling you that it isn't blocked when it is. Red should be clocked. Period. Instead the color coding is confusing.
I too would suggest coloring sites red if completely blocked and green if something is Allowed. IMO the colors don't help to clarify the locks, the locks could probably just stay one color for both states.
*Always* check the changelogs BEFORE updating that important software!
-
Re: I Give Up - It's Too Complicated
I want open a new thread but this one telling evertink what i want to say.
It's not clear for me if the website has an allow status, temporary allow or blocked. I say allowded by padlock stay red. The website is blocked but the padlock is green ? What the **** ? Can somebody give me an tutourial ?! I searched on youtube but can't find any tut.
What happens when i click on the padlock an change it from red to green ? Is scripting allowed or what say the padlock ?
Can i temporary allow all scripts ? Can i export or import my noscript settings ?
I turn NoScript off because i can't find out how it works.
It's not clear for me if the website has an allow status, temporary allow or blocked. I say allowded by padlock stay red. The website is blocked but the padlock is green ? What the **** ? Can somebody give me an tutourial ?! I searched on youtube but can't find any tut.
What happens when i click on the padlock an change it from red to green ? Is scripting allowed or what say the padlock ?
Can i temporary allow all scripts ? Can i export or import my noscript settings ?
I turn NoScript off because i can't find out how it works.
Last edited by barbaz on Tue Nov 21, 2017 6:03 pm, edited 1 time in total.
Reason: Language
Reason: Language
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: I Give Up - It's Too Complicated
There isn't one yet.Look_Up wrote:Can somebody give me an tutourial ?! I searched on youtube but can't find any tut.
You're setting the permission to apply over HTTPS only instead of plain HTTP.Look_Up wrote:What happens when i click on the padlock an change it from red to green ?
In both cases, not yet.Look_Up wrote:Can i temporary allow all scripts ? Can i export or import my noscript settings ?
*Always* check the changelogs BEFORE updating that important software!
-
Re: I Give Up - It's Too Complicated
The icons to the left of a domain determine its permissions. From left to right you have:
- Default - This is the default state, scripts for that domain are blocked.
- Trusted - Scripts for that domain are allowed. Note that when this active, you can control whether or not the permissions are permanent or temporary by clicking the clock on the right side of Trusted. A faded clock means they're permanent. A larger, brighter clock means they'll be reset to Default after a browser restart.
- Untrusted - The opposite of Trusted. Scripts for the domain are explicitly blocked, permanently.
- Custom - Similar to Trusted, though you specify exactly what types of objects are allowed.
- Match HTTPS Only - This seems to be what's confusing people. I think this is how it works: The color of the lock determines whether or not the permissions only apply to to the domain when accessed via HTTPS (Secure). If the lock is green, the permissions only apply if the domain is accessed through HTTPS. If the lock is red, it matches the domain regardless of HTTP or HTTPS with the caveat that it's limited to that exact domain. In other words, if lock is red, the permissions apply to site.net, but not sub.site.net. Additionally, what the lock defaults to is determined by whether or not the domain is accessed through HTTPS or not. For example, google.com is accessible through HTTPS thus its lock defaults to green (there's no reason to access the site via HTTP) and any second-level subdomains are included (IE, *.google.com).
That said, The interface certainly could use some clarification. Additionally, the XSS pop-ups on some sites are pretty annoying. Especially when there's no "permanent" sanitize option (Eg, viewing an actor on IMDb.com yields some [...] XSS warning that simply will not go away). Some suggestions to minimize confusion:
- Separate "permanent" and "temporary" for "Trusted". A plain S and an S with a clock, respectively. It's too quirky and confusing trying to set permanent or temporary permissions in the current state.
- The XSS pop-up needs a "Permanently Block" or "Don't show this message again for this script" option.
- Default - This is the default state, scripts for that domain are blocked.
- Trusted - Scripts for that domain are allowed. Note that when this active, you can control whether or not the permissions are permanent or temporary by clicking the clock on the right side of Trusted. A faded clock means they're permanent. A larger, brighter clock means they'll be reset to Default after a browser restart.
- Untrusted - The opposite of Trusted. Scripts for the domain are explicitly blocked, permanently.
- Custom - Similar to Trusted, though you specify exactly what types of objects are allowed.
- Match HTTPS Only - This seems to be what's confusing people. I think this is how it works: The color of the lock determines whether or not the permissions only apply to to the domain when accessed via HTTPS (Secure). If the lock is green, the permissions only apply if the domain is accessed through HTTPS. If the lock is red, it matches the domain regardless of HTTP or HTTPS with the caveat that it's limited to that exact domain. In other words, if lock is red, the permissions apply to site.net, but not sub.site.net. Additionally, what the lock defaults to is determined by whether or not the domain is accessed through HTTPS or not. For example, google.com is accessible through HTTPS thus its lock defaults to green (there's no reason to access the site via HTTP) and any second-level subdomains are included (IE, *.google.com).
That said, The interface certainly could use some clarification. Additionally, the XSS pop-ups on some sites are pretty annoying. Especially when there's no "permanent" sanitize option (Eg, viewing an actor on IMDb.com yields some [...] XSS warning that simply will not go away). Some suggestions to minimize confusion:
- Separate "permanent" and "temporary" for "Trusted". A plain S and an S with a clock, respectively. It's too quirky and confusing trying to set permanent or temporary permissions in the current state.
- The XSS pop-up needs a "Permanently Block" or "Don't show this message again for this script" option.
Last edited by Mistame on Tue Nov 21, 2017 7:53 pm, edited 1 time in total.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: I Give Up - It's Too Complicated
FANTASTIC. Why isn't there a key like this when I go into the NoScript options? It would be SO easy to put something in there, yet we're just expected to look at a completely new interface and just figure it out by trial & error or something. I created an account on here just so I could point this out and say thanks to this poster.Mistame wrote:The icons to the left of a domain determine its permissions. From left to right you have:
- Default - This is the default state, scripts for that domain are blocked.
- Trusted - Scripts for that domain are allowed. Note that when this active, you can control whether or not the permissions are permanent or temporary by clicking the clock on the right side of Trusted. A faded clock means they're permanent. A larger, brighter clock means they'll be reset to Default after a browser restart.
- Untrusted - The opposite of Trusted. Scripts for the domain are explicitly blocked, permanently.
- Custom - Similar to Trusted, though you specify exactly what types of objects are allowed.
- Match HTTPS Only - This seems to be what's confusing people. I think this is how it works: The color of the lock determines whether or not the permissions only apply to to the domain when accessed via HTTP (Secure). If the lock is green, the permissions only apply if the domain is accessed through HTTPS. If the lock is red, it matches the domain regardless of HTTP or HTTPS with the caveat that it's limited to that exact domain. In other words, if lock is red, the permissions apply to site.net, but not sub.site.net. Additionally, what the lock defaults to is determined by whether or not the domain is accessed through HTTPS or not. For example, google.com is accessible through HTTPS thus its lock defaults to green (there's no reason to access the site via HTTP) and any second-level subdomains are included (IE, *.google.com).
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: I Give Up - It's Too Complicated
Yes an BIG Thank you to Mistame . Very good explained !!!
Sorry barbaz for the f-word. Did not know that it is so bad.
That UI needs definitely an update !
Look_Up
Sorry barbaz for the f-word. Did not know that it is so bad.
That UI needs definitely an update !
Look_Up
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: I Give Up - It's Too Complicated
In the author's defense, he did *just* release it. He's been working his tail off to get it updated to WebExt as soon as possible. Help, etc, are fluff that usually comes after a stable, working release.eNon wrote:FANTASTIC. Why isn't there a key like this when I go into the NoScript options? It would be SO easy to put something in there, yet we're just expected to look at a completely new interface and just figure it out by trial & error or something. I created an account on here just so I could point this out and say thanks to this poster.
Edit - More suggestions:
From Above:
- Separate "permanent" and "temporary" for "Trusted". A plain S and an S with a clock, respectively. It's too quirky and confusing trying to set permanent or temporary permissions in the current state.
- The XSS pop-up needs a "Permanently Block" or "Don't show this message again for this script" option.
Also:
- For a "Help" option, I suggest a header over the table of exceptions with an icon that when clicked/moused-over, displays a more detailed pop-up/tool tip.
- Color the domain itself based on the current permissions, not the HTTPS (lock) status.
- Add a button to move exceptions to an "Archive" category. Occasionally, one might want to review/revisit exceptions. When they're all listed in one giant table, it can get tedious sifting through them. This way, if you're absolutely sure about an exception, you can archive it and don't have to see it on the main options page (obviously provide a way to view Archived exceptions separately). Instead, you see only those you haven't archived making perusing them easier.
- In the drop-down menu, add expandable categories, with only those in the "Default" state expanded. IE: Default, Custom, Trusted, Untrusted, etc. IGN.com, for example, has about 30 entries in the list. :/
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0