InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

RFE: Prevent whitelisting of http:

https://forums.informaction.com/viewtopic.php?t=17128

Page 2 of 2

Re: RFE: Prevent whitelisting of http:

Posted: Wed Apr 15, 2015 7:21 pm
by barbaz
Just to point out, viewtopic.php?f=7&t=20723 , It does not sound like those entries were added by the user even accidentally.

So how useful is this safety catch if it's only in the Options dialog?
Is it realistic to implement it globally somehow?

Re: RFE: Prevent whitelisting of http:

Posted: Thu Apr 16, 2015 10:27 pm
by Thrawn
barbaz wrote:Is it realistic to implement it globally somehow?
I expect that it is - just reject those entries when reading the whitelist - but the question remains, how did this happen? It shouldn't be possible for a webpage to trigger it, and what could have been in the browser that would insert NoScript whitelist entries?

Re: RFE: Prevent whitelisting of http:

Posted: Sun Feb 21, 2016 10:58 pm
by barbaz
barbaz wrote:It does not sound like those entries were added by the user even accidentally.
viewtopic.php?p=81264#p81264
All times are UTC
Page 2 of 2

Powered by phpBB® Forum Software © phpBB Limited