InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

NoScript is blocking my email access

https://forums.informaction.com/viewtopic.php?t=24727

Page 2 of 2

Re: NoScript is blocking my email access

Posted: Thu May 10, 2018 3:48 pm
by Giorgio Maone
The-unknown-user wrote:So, is there anything else I can do or try?
Another user reported (privately) he needed to set also azureedge.net to TRUSTED.

Re: NoScript is blocking my email access

Posted: Sat May 12, 2018 9:13 pm
by The-unknown-user wrote
I wouldn't know where to find that. I've click "Allow all Scripts" until there weren't any more scripts to be allowed.

Re: NoScript is blocking my email access

Posted: Sun May 20, 2018 8:13 pm
by whoosh
I created an Outlook account a few days ago, with NoScript 5.1.8.5 active, and had no trouble creating it or logging in afterwards.

The domains I had to allow were:
live.com
gfx.ms (for logging in on login.live.com)
office365.com
azureedge.net (just for account creation)
(live.com and gfx.ms are in the default whitelist, so they are already allowed unless you removed them.)

And:
delve.office.com (for Contacts to work in Outlook beta)
browser.pipe.aria.microsoft.com (for Contacts, Outlook beta)

In addition, if you happen to also use ABL with EasyPrivacy, an exception is needed in the adblocker (to allow requests from "https:// browser.pipe.aria.microsoft.com/Collector/3.0/?......") in order for Contacts to work in Outlook beta.
(I tried to post my exception filter, in or out of a code box, but it triggers the forum's spam filter.)
The-unknown-user wrote wrote:I've click "Allow all Scripts" until there weren't any more scripts to be allowed.
Just a thought... Have you set NoScript to show "Full Domains" in the menu?

If that's your setting, "Allow all on this page" will set permissions with subdomains. Those narrower permissions (good for the page you're currently on) don't allow everything you'll need later. See if using base domains helps.

Re: NoScript is blocking my email access

Posted: Mon May 21, 2018 7:36 am
by whoosh
The-unknown-user wrote wrote:I wouldn't know where to find that. I've click "Allow all Scripts" until there weren't any more scripts to be allowed.
whoosh wrote:Just a thought... Have you set NoScript to show "Full Domains" in the menu?

If that's your setting, "Allow all on this page" will set permissions with subdomains. Those narrower permissions (good for the page you're currently on) don't allow everything you'll need later. See if using base domains helps.

Re-reading the end of my previous post, I realized it didn't explain its point sufficiently.
So... Amending:

"If that's your setting, "Allow all on this page" will set permissions with subdomains. Those narrower permissions (good for the page you're currently on) don't allow everything you'll need later."

At a couple of points in the login process, if every permission that *.live.com expects is not present, it directs to an Error page. And these Error page(s) do not list every domain that still needs "trusting" in NS' main menu. In particular, the final error (that displays on the actual email tab) appears as if all scripts were allowed - there is no option in the menu to "Allow all..." (though it happens that the needed domain is listed in "Recently blocked sites").

"See if using base domains helps."

If you prefer full domains, try these:

Code: Select all

TO LOG IN, ACCESS MAIL:

auth.gfx.ms 
login.live.com 
outlook.live.com 
ow1.res.office365.com
r1.res.office365.com

FOR CONTACTS / OUTLOOK BETA:  

res.delve.office.com
loki.delve.office.com
browser.pipe.aria.microsoft.com
All times are UTC
Page 2 of 2

Powered by phpBB® Forum Software © phpBB Limited