How to allow top level domains in NoScript 10 (Quantum)?
How to allow top level domains in NoScript 10 (Quantum)?
In NoScript 10, I'm missing the ability to trust certain top-level domains, like cloudfront.net. This was possible in NoScript 5 through the setting menu.
I added "www.cloudfront.net" to the list of Trusted Sites, but subdomains still require manual approval. Since cloudfront.net have many subdomains, this becomes very time consuming.
I checked the FAQ (item 1.12), but it haven't been update to version 10, suggesting to "(Check NoScript Options|General|Temporarily allow top-level sites by default and select 2nd level domain".
What do you suggest?
I added "www.cloudfront.net" to the list of Trusted Sites, but subdomains still require manual approval. Since cloudfront.net have many subdomains, this becomes very time consuming.
I checked the FAQ (item 1.12), but it haven't been update to version 10, suggesting to "(Check NoScript Options|General|Temporarily allow top-level sites by default and select 2nd level domain".
What do you suggest?
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
In the NS settings page, try typing in JUST https://cloudfront.net and then setting it to trusted, this should allow all subdomains as well. Dont use the "www." Also, in 10.1.5.7rc1 there is an option at the top to "Temporarily set top-level sites to TRUSTED"...
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
You can try removing the www and just using ...cloudfront.net however I suspect it probably won't solve your problem.NYCgirl wrote:In NoScript 10, I'm missing the ability to trust certain top-level domains, like cloudfront.net. This was possible in NoScript 5 through the setting menu.
I added "www.cloudfront.net" to the list of Trusted Sites, but subdomains still require manual approval. Since cloudfront.net have many subdomains, this becomes very time consuming.
There is a significant problem with domain handling in NoScript 10 - see this thread :
https://forums.informaction.com/viewtop ... 023#p93442
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
I'm having the same issue (and cloudfront.net also happens to be the one bugging me at the moment). I just want to be able to add *.cloudfront.net to whitelist but can't do that. Seems like half the sites I go to use a different subdomain of cloudfront.net to provide content or support commenting.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
-
- Posts: 4
- Joined: Wed Dec 06, 2017 10:00 pm
Re: How to allow top level domains in NoScript 10 (Quantum)?
I'm not sure where to mention this, but I think 10.1.5.6 made a significant change in regards to domain-level access control. Did anyone else notice?
Between 10.1.5.1 and 10.1.5.5, I would repeatedly try to allow a domain in the new menu, but it wouldn't work: after reload, the same domain would show as default, not trusted, and it seemed like no scripts were being allowed for that domain.
This behavior is gone with 10.1.5.6; at least that's what I noticed. When I allow a domain, it seems to work exactly like I expect from from my experience with the 5.x version. Thanks Maone!
Some of the comments here seem to be asking for an enhancement, which I support, but the thread subject sounds just like the bug I experienced. So, I thought I would mention it.
Between 10.1.5.1 and 10.1.5.5, I would repeatedly try to allow a domain in the new menu, but it wouldn't work: after reload, the same domain would show as default, not trusted, and it seemed like no scripts were being allowed for that domain.
This behavior is gone with 10.1.5.6; at least that's what I noticed. When I allow a domain, it seems to work exactly like I expect from from my experience with the 5.x version. Thanks Maone!
Some of the comments here seem to be asking for an enhancement, which I support, but the thread subject sounds just like the bug I experienced. So, I thought I would mention it.
Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
Give us an EXACT site we can test this on. I will report back with an answer...
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
as DHO said, https://forums.informaction.com/viewtop ... =7&t=24023 covers your questionwavion wrote:I'm having the same issue (and cloudfront.net also happens to be the one bugging me at the moment). I just want to be able to add *.cloudfront.net to whitelist but can't do that. Seems like half the sites I go to use a different subdomain of cloudfront.net to provide content or support commenting.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
No Solution Yet
Thanks for your suggestions and references. I tried all of them, but there's no solution yet:
Thanks for your suggestions and references. I tried all of them, but there's no solution yet:
- I didn't see a solution in any of the threads mentioned
NoScript won't allow adding "https://cloudfront.net/" or "https://*.cloudfront.net/". Unless I typed "https://www.cloudfront.net/", the plus sign (to add a domain) remains greyed out.
There's no WWW server for either address. If I attempt to navigate there (to add an exception, as one commenters suggested), I receive "server not found" error from Firefox.
The problem isn't resolved by selecting "Temporarily set top level domains as trusted"
Using 10.1.5.7rc1 make no difference
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
I JUST tested this in the NoScript options/master list:NYCgirl wrote:No Solution Yet
I hope this can be resolved soon.
Typing "cloudfront.net" then clicking the plus sign works absolutely fine. You then click the RED lock next to it to make sure it is only allowing cloudfront.net from a secure connection, or if you wish, leave the lock open/red and it will trust it from BOTH insecure (http) & secure (https) connections. It is not greyed out and adds to the list perfectly.
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
The above is a helpful description of how to add a trusted entry for ...cloudfront.net.
However NoScript 10 probably won't interpret this new rule to mean that *.cloudfront.net should be trusted (this is the problem with trusting specified domains described in the other thread).
As far as I know this NoScript 10 problem is currently not resolved (and unfortunately I haven't yet seen any indication of when it might be resolved).
However NoScript 10 probably won't interpret this new rule to mean that *.cloudfront.net should be trusted (this is the problem with trusting specified domains described in the other thread).
As far as I know this NoScript 10 problem is currently not resolved (and unfortunately I haven't yet seen any indication of when it might be resolved).
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
Wait — doesn't the "..." prefix on a trusted domain name mean "trust all sub-domains too"? Not sure what "other thread" you're referring to, but what else could that "..." prefix mean?DHO wrote:The above is a helpful description of how to add a trusted entry for ...cloudfront.net.
However NoScript 10 probably won't interpret this new rule to mean that *.cloudfront.net should be trusted (this is the problem with trusting specified domains described in the other thread).
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
It does.FranL wrote:Wait — doesn't the "..." prefix on a trusted domain name mean "trust all sub-domains too"?
Read DHO's previous post in this thread and all will become clear.FranL wrote:Not sure what "other thread" you're referring to, b
*Always* check the changelogs BEFORE updating that important software!
-
Re: How to allow top level domains in NoScript 10 (Quantum)?
We're making progress, but we're quite there.
* If I type "...cloudfront.net" (literally, ellipsis followed by the domain name), I can add the domain to the trusted list in NoScript options
* but even after adding, the subdomains are not trusted. Rather, I have to manually change the setting for each one. And since cloudfront uses many, many subdomains, it means a lot of manual work
*This was tested on 10.1.5.7rc1 after selecting Temporarily set top level domains as trusted
Images: Trusting "cloudfront.net" doesn't convey trust to its many subdomains
https://ibb.co/g2HZhw
https://ibb.co/ke7pFG
* If I type "...cloudfront.net" (literally, ellipsis followed by the domain name), I can add the domain to the trusted list in NoScript options
* but even after adding, the subdomains are not trusted. Rather, I have to manually change the setting for each one. And since cloudfront uses many, many subdomains, it means a lot of manual work
*This was tested on 10.1.5.7rc1 after selecting Temporarily set top level domains as trusted
Images: Trusting "cloudfront.net" doesn't convey trust to its many subdomains
https://ibb.co/g2HZhw
https://ibb.co/ke7pFG
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
Just type "cloudfront.net" into the box and click the plus sign. DO NOT TYPE "...cloudfront.net". You then click the RED lock next to it to make sure it is only allowing cloudfront.net from a secure connection, or if you wish, leave the lock open/red and it will trust it from BOTH insecure (http) & secure (https) connections. It is not greyed out and adds to the list perfectly. I have personally tested this. - subdomains will be trusted. If this does not work, I suggest trying it with a fresh profile. (backup your current one)NYCgirl wrote:Images: Trusting "cloudfront.net" doesn't convey trust to its many subdomains
https://ibb.co/g2HZhw
https://ibb.co/ke7pFG
FYI: Do not use ibb.co for image hosting, it has been known to be serving up all kinds of malware. Please re-post pics from a different host if possible.
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:57.0) Gecko/20100101 Firefox/57.0
Re: How to allow top level domains in NoScript 10 (Quantum)?
Are you giving a workaround to a bug or describing how it should work? If the latter, it seems backwards to me. I assume the "..." prefix is meant to imply sub-domains (as well as the primary domain). So the absence of the "..." prefix must mean "no sub-domains — just this primary domain". Please correct me if my assumptions are wrong.8-bit wrote:Just type "cloudfront.net" into the box and click the plus sign. DO NOT TYPE "...cloudfront.net".
...
I have personally tested this. - subdomains will be trusted.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0