Highlighting in the yellow box
Highlighting in the yellow box
Sorry if this has already been asked before. In the yellow box, some entries are highlighted:
What is the meaning of the darker pink boxes? Does it show what types of content NoScript has detected coming from that source?
What is the meaning of the darker pink boxes? Does it show what types of content NoScript has detected coming from that source?
Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
Hello. Thank You very much, lancelot. I wanted to ask a question about exactly the same thing. It's very interesting. I wonder if it has any meaning important to users etc.
Thanks.
Thanks.
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0
- Giorgio Maone
- Site Admin
- Posts: 9455
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: Highlighting in the yellow box
The red highlighting means that attempts to use that capability have been detected in the page, therefore they're more likely than others to be needed for the page to work fully as intended by its authors.
Also please notice that, unless you want to radically change the way NoScript operates by default (e.g. because you want it to allow more on "new" site, and restrict those you don't like afterwards using UNTRUSTED, i.e. implementing a blacklisting mode opposite to the "normal" whitelisting mode), you'll better not touch the presets and customize only the CUSTOM permissions.
Also please notice that, unless you want to radically change the way NoScript operates by default (e.g. because you want it to allow more on "new" site, and restrict those you don't like afterwards using UNTRUSTED, i.e. implementing a blacklisting mode opposite to the "normal" whitelisting mode), you'll better not touch the presets and customize only the CUSTOM permissions.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
Hello. Mr Maone, thanks for an answer. So, it's better to use a "CUSTOM" to modify options, instead of "TRUSTED"? I'm asking, because if I trust some website, I choose "TRUSTED" (however, I remove some options, such as: media, font and webgl) -- I noticed, that for most cases script is needed.
Generally, what are You suggesting? What is the best method to use NoScript v10? I know, that users can deploy something You have mentioned: "implementing a blacklisting mode opposite to the "normal" whitelisting mode". Does "my method" mentioned above (using "TRUSTED" without some options) is OK?
By the way; is it normal, that after installing NoScript from your website (a development version), it is no longer possible to update NoScript via "Tools > Addons > find updates"? I am asking, because I'd experienced such a situation. I had to install NoScript v10.1.6.1 from the addons.mozilla website (there was an information about various things, such as needed access etc.)
Thanks.
Generally, what are You suggesting? What is the best method to use NoScript v10? I know, that users can deploy something You have mentioned: "implementing a blacklisting mode opposite to the "normal" whitelisting mode". Does "my method" mentioned above (using "TRUSTED" without some options) is OK?
By the way; is it normal, that after installing NoScript from your website (a development version), it is no longer possible to update NoScript via "Tools > Addons > find updates"? I am asking, because I'd experienced such a situation. I had to install NoScript v10.1.6.1 from the addons.mozilla website (there was an information about various things, such as needed access etc.)
Thanks.
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0
Re: Highlighting in the yellow box
I recommend you to read https://hackademix.net/2017/12/04/noscr ... utshell-2/daniel4859 wrote:Hello. Mr Maone, thanks for an answer. So, it's better to use a "CUSTOM" to modify options, instead of "TRUSTED"? I'm asking, because if I trust some website, I choose "TRUSTED" (however, I remove some options, such as: media, font and webgl) -- I noticed, that for most cases script is needed.
Generally, what are You suggesting? What is the best method to use NoScript v10? I know, that users can deploy something You have mentioned: "implementing a blacklisting mode opposite to the "normal" whitelisting mode". Does "my method" mentioned above (using "TRUSTED" without some options) is OK?
Sounds normal to me.daniel4859 wrote: By the way; is it normal, that after installing NoScript from your website (a development version), it is no longer possible to update NoScript via "Tools > Addons > find updates"? I am asking, because I'd experienced such a situation. I had to install NoScript v10.1.6.1 from the addons.mozilla website (there was an information about various things, such as needed access etc.)
Last edited by Tomatix on Mon Dec 25, 2017 7:34 pm, edited 1 time in total.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
@Giorgio In my opinion the global presets settings should be removed or made read-only in the domains list. It seems to be too confusing and I also don't see actual benefits from having it there.
Edit: clearer wording
Edit: clearer wording
Last edited by Tomatix on Tue Dec 26, 2017 10:43 pm, edited 1 time in total.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
I totally agree that the possibility of changing these fundamental settings here is very confusing and dangerous too. This highlighting thing is quite interesting but causes even more puzzlement when on default bar: you automatically want to tick this option and so it is on everywhere without you noticing anything. Maybe this highlighting could left there but not possibility of changing options.
Of course knowing what the blocked sites want is quite useful (* on custom bar and maybe it would be wise to let the option boxes only there.
*) But not without danger either: As far as I understand ticking an option on Custom bar leaves that option on everywhere for that particular site. Would be nice if this custom setting affects only on page where you were. But I think I remeber that somebody told somewehre else that this is not good idea?
BTW. It would be nice to have some agreement about terminology concerning these menus and things.
Of course knowing what the blocked sites want is quite useful (* on custom bar and maybe it would be wise to let the option boxes only there.
*) But not without danger either: As far as I understand ticking an option on Custom bar leaves that option on everywhere for that particular site. Would be nice if this custom setting affects only on page where you were. But I think I remeber that somebody told somewehre else that this is not good idea?
BTW. It would be nice to have some agreement about terminology concerning these menus and things.
Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
I think basically what Giorgio was saying is that it is better to set global presets and let them be, dont keep changing them. And whenever you want to do something different with a particular domain, that would be the time to use the Custom preset.daniel4859 wrote:Hello. Mr Maone, thanks for an answer. So, it's better to use a "CUSTOM" to modify options, instead of "TRUSTED"? I'm asking, because if I trust some website, I choose "TRUSTED" (however, I remove some options, such as: media, font and webgl) -- I noticed, that for most cases script is needed.
Generally, what are You suggesting? What is the best method to use NoScript v10? I know, that users can deploy something You have mentioned: "implementing a blacklisting mode opposite to the "normal" whitelisting mode". Does "my method" mentioned above (using "TRUSTED" without some options) is OK?
With version 10, I have been using most of the time the beta. If you are using a beta, the updater from within Firefox will inform you when a new beta is out. If you are using the regular stable version of NoScript, the updater informs you when a new stable version has been released.daniel4859 wrote: By the way; is it normal, that after installing NoScript from your website (a development version), it is no longer possible to update NoScript via "Tools > Addons > find updates"? I am asking, because I'd experienced such a situation. I had to install NoScript v10.1.6.1 from the addons.mozilla website (there was an information about various things, such as needed access etc.)
Bo
Last edited by bo elam on Tue Dec 26, 2017 10:25 pm, edited 1 time in total.
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
I tell you a huge benefit of having the list. Before, in version 5, we couldnt see the list of Untrusted domains. It was very hard to monitor Untrusted domains and make changes as there was no list of Untrusted domains in the UI. To see it, you had to open the NoScript config text file, go to the bottom, and look at it. It was difficult to keep track of what you had in there. Now, its easy to monitor, and delete domains if you want. Or add. In my opinion, having the list of all domains in NoScript Options, all together, is an improvement.Tomatix wrote:@Giorgio In my opinion global settings should be removed or made read-only in the domains list. It seems to be too confusing and I also don't see actual benefits from having it there.
Bo
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
I have absolutely nothing against the lists. I think you misunderstood the post.bo elam wrote:I tell you a huge benefit of having the list. Before, in version 5, we couldnt see the list of Untrusted domains. It was very hard to monitor Untrusted domains and make changes as there was no list of Untrusted domains in the UI. To see it, you had to open the NoScript config text file, go to the bottom, and look at it. It was difficult to keep track of what you had in there. Now, its easy to monitor, and delete domains if you want. Or add. In my opinion, having the list of all domains in NoScript Options, all together, is an improvement.Tomatix wrote:@Giorgio In my opinion global settings should be removed or made read-only in the domains list. It seems to be too confusing and I also don't see actual benefits from having it there.
Bo
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
Agree to all these points of yours.Guest wrote:I totally agree that the possibility of changing these fundamental settings here is very confusing and dangerous too. This highlighting thing is quite interesting but causes even more puzzlement when on default bar: you automatically want to tick this option and so it is on everywhere without you noticing anything. Maybe this highlighting could left there but not possibility of changing options.
Of course knowing what the blocked sites want is quite useful.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
OK, I see now, I guess you meant remove global settings from the NoScript menu.Tomatix wrote: I have absolutely nothing against the lists. I think you misunderstood the post.
FWIW, in my view, the menu and Settings are working out just fine the way they are.
Bo
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
I personally think it is only confusing if one doen't pay attention.Tomatix wrote:@Giorgio In my opinion the global presets settings should be removed or made read-only in the domains list. It seems to be too confusing and I also don't see actual benefits from having it there.
Edit: clearer wording
The new interface is a lot more consistent than it was before.
If you click on default, and set checkmarks, you have changed the default (which means it changes how ALL pages that have no specified rule)
If you click trusted, and set checkmarks, you have changed the setting for trusted domains (all trusted domains)
I could understand the confusion about why this wouldn't be domain specific if not for
If you click on custom and set checkmarks, it creates a CUSTOM rule for that domain only.
If default and trusted also created custom rules, why would there be a custom button?
Not to mention the general weirdness of having a list of things that show "default" or "trusted" but all having individual settings.
And as for removing the ability to change the presets:
You have been here for a bit. You might have noticed that people have VERY different ideas of how they want things to be. Having them fixed would just mean one group is getting it the way they like, and about five would be annoyed.
Some of us have default empty (thus rendering the untrusted set moot). Some people really like the pre-installed settings. Some even have default "allow everything" and just untrust the pages they dislike (therefore rendering the trusted set moot)
Some prefer "trusted" to be still limited, and only give unlimited access to specific sites they push into custom.
I don't think removing that functionality for the benefit of users who don't read or think about what the UI tells them nor (in case of confusion) apply a bit of try and error is the right thing to do.
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
You mean it's OK to change the Default settings in that yellow box where you can do it easily by mistake?bo elam wrote: I guess you meant remove global settings from the NoScript menu.
FWIW, in my view, the menu and Settings are working out just fine the way they are.
Bo
I believed that you only need to do it once or twice in your lifetime. So why leave such a pitfall in a safety program?
Mozilla/5.0 (Windows NT 6.1; rv:57.0) Gecko/20100101 Firefox/57.0
Re: Highlighting in the yellow box
Because sometimes you sacrifice blatant user error to actually consistency in the interface.Quest wrote:You mean it's OK to change the Default settings in that yellow box where you can do it easily by mistake?bo elam wrote: I guess you meant remove global settings from the NoScript menu.
FWIW, in my view, the menu and Settings are working out just fine the way they are.
Bo
I believed that you only need to do it once or twice in your lifetime. So why leave such a pitfall in a safety program?
Not to mention that the worst thing that happens is your Firefox behaving as it does without NS.
And linguistically that's where these settings belong, when at the same place in custom you are supposed to set THOSE.
A counterargument are the disabled checkboxes for "script" in trusted and the ones under untrusted, but I personally like the compact "putting the options near the choices" instead of hiding them somewhere completely else in an option tree.
While it may be rare to change them, it currently is a good practice to keep checking on them semi frequently.
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0