Clarifications

[LongTimeFan]

How does the new noscript work? The default option is not the old nothing permitted? With the same permissions the default selection of a site work as intended while the trusted don't like it's all blocked, plus how the checkmarks work? I though they were related to that site (and it's subdomains) but if I change some of the checkmarks I change them for all the site I Trusted, is intended or I just didn't understood how the new noscript work?
On the other hand I think the custom tab it's broken since if I change the checkmarks here I change the default permission too, and that is making me more confused than I already am.
The lock icon is new and I have no idea what it do since there is no change in the site it force https or what?
Anyway thanks Giorgio for it's hard work it's really appreciated.

[Pansa]

As far as I understand it :

You have 4 presets *
default | trusted | untrusted | custom

you can set which things to allow/disallow for each of those.
Basically you put all checkmarks in trusted, remove all checkmarks in untrusted (if you want to, you can also allow scripts on all untrusted pages but not media for instance)
If you set the default preset with all checkmarks removed, too, you basically have the core functionality of the old NS.

You get to a page, nothing gets executed (is in default), you put it in trusted (with the little clock visible to revert it back to default after temp use).

This way you lose all of the new functionality of micromanaging the different check marks though.

Now the problem:
since all of these are configurable, you might think "custom means per domain".
It does not. *)It's even weirder. custom is redundant with default. set a domain to custom and allow something, it is automatically allowed for all domains in the default preset, too. So you don't have 4, you have 3 presets. I assume that is a bug, but I haven't gotten any feedback on my post asking about that specifically.

[Pansa]

NS 10.1.2 has been released.

Ignore anything I said about "default" vs "custom".
Custom works now properly and checking boxes does not check boxes in "default" any more.

So default = all empty
go to page
put things into "trusted" (with all checked) or "custom" (check what you want, it's site specific), or, if you are a neatfreak move them from "default" to "untrusted", although that shouldn't make a difference since both of those should have no checks active.

[LongTimeFan]

to recap default= all empty= nothing permitted, Trusted=all checked= all permitted, Untrusted is the same as default since I will leave it blank and custom is per domain and i can check everything I want right?
Now I myght have made a mess in the already existing permission how i delete all permission to do something like a fresh start of permission?

[LongTimeFan]

And the only per domain setting is custom the others a re shared between all domains

[Pansa]

You got it. And making the little clock non-translucent means the move is temporary, and the domain goes back to default like it used to be with "temp allow".

Make sure you are on 10.1.2 though. 10.1.1 was buggy in that regard.
10.1.2 also has the "temp allow all" and "remove all temp" buttons back.

As for deleting:
go to options
click "debug" at the bottom. you will find both the rules for the groups as well as the members of those groups there.
cut what you regret, take care about the formatting though. (especially punctuation at the end of segments.)
If you don't want to mess with the text, the graphical part above is basically all rules you made as well. so when in doubt -> set to default

[LongTimeFan]

Thanks 10.1.2 is a lot better and looks better. There is still some problems with permission sicne i'm unable to see the confirmation code above even if I allow temporary all the page, and I found no way to make it appear, the trick I was using in 10.1.1 is not working anymore but that's most probably a bug. (Posted with Edge)

[Pansa]

Thanks 10.1.2 is a lot better and looks better. There is still some problems with permission sicne i'm unable to see the confirmation code above even if I allow temporary all the page, and I found no way to make it appear, the trick I was using in 10.1.1 is not working anymore but that's most probably a bug. (Posted with Edge)

Works fine here (If you are referring to the code the forum requires to post if you have not logged in).

When you are on the composer page, what are your settings for the google script? (The captcha is provided by google, and it only is loaded on the composer screen (obviously, the captcha applet doesn't run on the main forum))
But you would have had this exact problem with the old NS, too (google would only have appeared in the list when trying to post something, and would have to be enabled there too).

[LongTimeFan]

No problem with the old noscript with recaptcha but with 10.1.2 I have far worse problems than the code of this forum, since 10.1.2 the only way to make scripts working is to allow them globally, switching between the setting is useless, the permissions are not working, and I bet It's a bug of the current version, maybe related to incognito browser since I'm usign it and the new version fix the broken ui i got before.

[Pansa]

No problem with the old noscript with recaptcha but with 10.1.2 I have far worse problems than the code of this forum, since 10.1.2 the only way to make scripts working is to allow them globally, switching between the setting is useless, the permissions are not working, and I bet It's a bug of the current version, maybe related to incognito browser since I'm usign it and the new version fix the broken ui i got before.

you didn't answer my question.

No problem with the old noscript with recaptcha

Then you did allow the specific google address to run in the old NS. If you didn't permit the script it didn't run, and that is still the same.
The captcha is a java script originating from google and not this forum. In either NS version this captcha is only shown if google has permission to run that script.

only way to make scripts working is to allow them globally

That is technically what you did before, too. If you allowed a specific source on one page, the same source was allowed on all tabs on all pages.
It just was quite specific about "SAME" though, and it still is. Can't get into it though because the filter doesn't allow urls.

switching between the setting is useless, the permissions are not working

They are, but yes, there is still a bit of a buggy situation going on concerning changes not taking sometimes.
Try not using private browsing, some people report issues with that.

As far as settings not taking, there seems to be a bug concerning what happens if you have it set to "https only" (the green lock) but there is actually no https script. If for a specific page changing a preset doesn't "take", look at the top left of your adress bar (where the url is in firefox), if there is no green lock there, set it from green to red in No script, too.
And in this version you have to manually reload the page, it only autoreloads if you press "allow all temporary".

[bo elam]

....or, if you are a neatfreak move them from "default" to "untrusted", although that shouldn't make a difference since both of those should have no checks active.

Hi Pansa, it does make a difference when you Temporarily allow all this page (Untrusted domains wont load scripts). Nice difference, and a good reason to build an Untrusted/Black list.

Bo

[Guest]

....or, if you are a neatfreak move them from "default" to "untrusted", although that shouldn't make a difference since both of those should have no checks active.

Hi Pansa, it does make a difference when you Temporarily allow all this page (Untrusted domains wont load scripts). Nice difference, and a good reason to build an Untrusted/Black list.

Bo

At the point of that writing there was no "temp allow all".

(And I personally avoid that button like the plague to begin with, because you often have to press it several times anyway, and trying to individually blacklist the internet is just an excercise in futility blowing up a config file that needs parsing. But that is just me. I whitelist what I seem to need, and temp allow what comes up rarely)

[bo elam]

At the point of that writing there was no "temp allow all".

(And I personally avoid that button like the plague to begin with, because you often have to press it several times anyway, and trying to individually blacklist the internet is just an excercise in futility blowing up a config file that needs parsing. But that is just me. I white list what I seem to need, and temp allow what comes up rarely)

Yes, perhaps there was no "temp allow all" at the moment that post was written but we always had that setting during the 9 years I used NoScript, and we knew it was coming back.

You have your way of using NoScript and I have mine. In mine, I white list what I need for the sites I visit regularly to work properly and build a blacklist at the same time. I rarely have a need to click temp allow all but is nice than when you do, a lot of domains (trackers, ad severs, malicious domains) are blocked because they are included in your blacklist. I see same nasty domains all over the place. The ones you see in one site, you ll find them again another day in other sites. And you become familiar with them. This familiarity helps you identify the ones you don't want to allow when they are not blacklisted and you have to guess what to allow and not to allow. My blacklist is very large and the white list is tiny. It works for me, take a look. I posted this pictures last night at another forum. This is how I use NoScript in sites that are nasty and I visit on a regular basis.





Bo

[Pansa]

Bo

That is all very nice. But beside the point.

This thread is by someone seeking help.
They don't truly understand what happened in the old NS, and don't understand the new NS (this may sound accusatory, but is merely meant factual).

This means systematically easing up on what we explain, and removing anything that is more complicated than before.

And again, do as you please, if it works for you, fine. I was merely pointing out that
A) you are complicating things without there being a point in context
B)Having a huge rule list creates time to parse that rule list. The shorter the list and the easier to get to "default behavior", the quicker.

[bo elam]

And again, do as you please, if it works for you, fine. I was merely pointing out that
A) you are complicating things without there being a point in context
B)Having a huge rule list creates time to parse that rule list. The shorter the list and the easier to get to "default behavior", the quicker.

While you think using a black list is useless, the developer believes it is useful (and I agree).
https://noscript.net/features#blacklist

A) By the way, the black list doesn't complicate things, it makes things a lot easier. You just dont know it. NoScript becomes more convenient.

B) Time you spend building it? Is so little, is almost none. You do it over time. I hardly ever have to open the NoScript menu to add this or allow that. All the sites I visit regularly are done. Set and forget.

Greetings

Bo