Page 1 of 2
[RESOLVED] XDA and GoogleAPIs
Posted: Tue Oct 02, 2012 2:17 am
by link68759
It doesn't matter what I try, the FAQ just isn't explaining the concept well enough.
Site *.xda-developers.com
Accept from *.googleapis.com *.xda-developers.com
Deny
No logical variation of this syntax will allow googleapis.com for xda.
What am I doing wrong?
Re: XDA and GoogleAPIs
Posted: Tue Oct 02, 2012 7:03 am
by Tom T.
Reversing the
requesting site and the destination of the request.
Also, you must *allow* googleapis in NoScript. Then your ABE rule DENY blocks requests to googleapis from every site on the planet except the one from which you specifically allowed this request to pass (from xda to Gapi).
Re: XDA and GoogleAPIs
Posted: Tue Oct 02, 2012 7:16 pm
by GµårÐïåñ
Did you actually allow XDA and GAPI permanently in NoScript side of the equation?
/edit: holy crap, as soon as I wrote this, I read what TOM said and its practically the same thing. oh well, at least you hear it twice.
Re: XDA and GoogleAPIs
Posted: Wed Oct 03, 2012 5:19 am
by Tom T.
GµårÐïåñ wrote:Did you actually allow XDA and GAPI permanently in NoScript side of the equation?
/edit: holy crap, as soon as I wrote this, I read what TOM said and its practically the same thing. oh well, at least you hear it twice.
You made the same mistake as the OP: Reversing things. Maybe next time, try it the other way around:
Read the previous comments *before* posting, instead of *after*.
(said all in good fun and friendship; you know that, my friend.
)
Re: XDA and GoogleAPIs
Posted: Wed Oct 03, 2012 11:13 pm
by GµårÐïåñ
Tom T. wrote:You made the same mistake as the OP: Reversing things. Maybe next time, try it the other way around:
Read the previous comments *before* posting, instead of *after*.
(said all in good fun and friendship; you know that, my friend.
)
No, its the freaking last read message issue, and I am pretty good at not falling for that, but occasionally since it will stop at that, I read it and gut shot reply without realizing there was post by another until AFTER it refreshes and I see, crap, there are others in between. It doesn't happen often, you know me, but it happens. Good to know at least that I am still human
or am I
Re: XDA and GoogleAPIs
Posted: Thu Oct 04, 2012 5:05 am
by Tom T.
Oh, OK. I've been bitten by that "last read" thing, too. Really bad when the new posts are on a new page, and you get taken to the old page, to the post right after yours.
I'll edit out the Mr. Greens.
Re: XDA and GoogleAPIs
Posted: Thu Oct 04, 2012 11:57 pm
by GµårÐïåñ
Tom T. wrote:Oh, OK. I've been bitten by that "last read" thing, too. Really bad when the new posts are on a new page, and you get taken to the old page, to the post right after yours.
Bingo, that's what happened. I am pretty good at not falling for it, but on rare occasions, it happens. The usual ones that get me are the ones that get like a bazillion posts within like 30 minutes and you don't even realize that, hell you not only have a few posts, but few pages often on top of you. So when you make the statement you realize its freaking 5 pages too obsolete or by then so OT and irrelevant to the OP or the CT that it wasn't worth the time. Anyway, my apologies. The only reason I left the post was to basically publicly flog myself for making the mistake and utterly humiliate and shame myself into not doing it again.
Re: XDA and GoogleAPIs
Posted: Sun Oct 07, 2012 12:06 pm
by link68759
Tom T. wrote:Reversing the
requesting site and the destination of the request.
Also, you must *allow* googleapis in NoScript. Then your ABE rule DENY blocks requests to googleapis from every site on the planet except the one from which you specifically allowed this request to pass (from xda to Gapi).
I did try all variations; including reversing those. Good to know what the right order is.
Now having to allow googleapis! That is what I missed.
I don't like that. I want to see that it is being blocked, and be able to optionally allow it on other websites too.
Also, it isn't working. I allowed it, and here's my code:
Site *.googleapis.com
Accept from .xda-developers.com
Deny
With this, googleapis is being accepted everywhere. This is really, really frustrating me. If, on the off chance ABE is silently blocking it and giving no user feedback that it is doing so, then this is terrible. If I compiled a large list in ABE and all objects showed up as allowed on every website that tried to access them, I'd be in a real clusterflock trying to figure out what isn't working...
Re: XDA and GoogleAPIs
Posted: Sun Oct 07, 2012 11:31 pm
by Thrawn
link68759 wrote:This is really, really frustrating me. If, on the off chance ABE is silently blocking it and giving no user feedback that it is doing so, then this is terrible.
The interface for ABE does need work. Want to
help?
Re: XDA and GoogleAPIs
Posted: Tue Oct 09, 2012 9:31 am
by Tom T.
link68759 wrote: ...With this, googleapis is being accepted everywhere. This is really, really frustrating me. If, on the off chance ABE is silently blocking it and giving no user feedback that it is doing so, then this is terrible. ...
It's also user-configurable. Please look at
NoScript Options > Notifications and ensure that ABE is checked. If it isn't, there is your problem.
If checking this box eventually drives you nuts from all of the notifications, you may uncheck it once you are satisfied that ABE actually works.
If that doesn't do it, we'll go from there.
be able to optionally allow it on other websites too
Then you're better off not using ABE at all for this purpose (which was
not its original purpose -- see the introductory phrase of
FAQ 8.10). It's too cumbersome to keep modifying your rules over and over, so just remove googleapis from the whitelist (it's there by default), which puts it in the "default-deny" zone. (Don't "Mark As Untrusted", or it will not show in the main menu; you'd need to look in the Untrusted sub-menu.)
Then temporarily allow it at the sites you wish. Be sure to "revoke temporary permissions" before leaving the page or opening new tabs at which you don't want it allowed. (Or close/restart the browser, which ends temp permissions.) One mouseover to open the NS menu, and one click on TA Gapi. Simple and fast.
Re: XDA and GoogleAPIs
Posted: Tue Oct 09, 2012 9:03 pm
by GµårÐïåñ
link68759 wrote:With this, googleapis is being accepted everywhere. This is really, really frustrating me. If, on the off chance ABE is silently blocking it and giving no user feedback that it is doing so, then this is terrible. If I compiled a large list in ABE and all objects showed up as allowed on every website that tried to access them, I'd be in a real clusterflock trying to figure out what isn't working...
NO, it only appears that way. You are marking the rule to allow googleapis.com and it may seem like, oh god all sites have access now, but that's not true. Your rule in ABE is giving ONLY XDA access to it, which means be default EVERYONE gets hit by the deny portion. SO if anything, you crippled GAPI more than it would have been had you selectively allowed it in NS.
Re: XDA and GoogleAPIs
Posted: Wed Oct 10, 2012 4:13 am
by link68759
GµårÐïåñ wrote:link68759 wrote:With this, googleapis is being accepted everywhere. This is really, really frustrating me. If, on the off chance ABE is silently blocking it and giving no user feedback that it is doing so, then this is terrible. If I compiled a large list in ABE and all objects showed up as allowed on every website that tried to access them, I'd be in a real clusterflock trying to figure out what isn't working...
NO, it only appears that way. You are marking the rule to allow googleapis.com and it may seem like, oh god all sites have access now, but that's not true. Your rule in ABE is giving ONLY XDA access to it, which means be default EVERYONE gets hit by the deny portion. SO if anything, you crippled GAPI more than it would have been had you selectively allowed it in NS.
I hate to break it to you but I just verified that the ABE config I posted above is allowing googleapis globally. I switched out .xda-developers.com with another site, and xda is certainly still using it (and things are broken when I disable it within noscript).
EDIT;
I finally fixed it.
Site .googleapis.com
Accept from .xda-developers.com
Deny INCLUSION
Apparently the first . is required for googleapis: in the various literature (faq, manual), the . is suggested but examples are often listed without it, this should be corrected.
Edit 2:
What does "deny inclusion" actually mean?
Re: XDA and GoogleAPIs
Posted: Wed Oct 10, 2012 6:03 am
by Tom T.
I was going to suggest getting rid of the asterisks in the first place, but couldn't immediately find the old discussions on that issue, or remember the outcome.
They were
here and
here.
That was in January of this year. The
ABE Rules .pdf, Version 0.9, dated 2012-03-15, still shows asterisks before the dot in glob expressions.
I will again ask Giorgio to make all ABE documentation consistent on this issue, thanks.
What does "deny inclusion" actually mean?
There's an excellent, brief, non-tech explanation of that
here; go down the page to the part entitled
"
Cross Site Script Inclusion (XSSI)"
Re: XDA and GoogleAPIs
Posted: Wed Oct 10, 2012 6:48 am
by Giorgio Maone
link68759 wrote:
Apparently the first . is required for googleapis: in the various literature (faq, manual), the . is suggested but examples are often listed without it, this should be corrected.
Could you please point out the misleading places for me to correct them?
Thanks.
Re: XDA and GoogleAPIs
Posted: Wed Oct 10, 2012 7:10 am
by Tom T.
Tom T. wrote:... The
ABE Rules .pdf, Version 0.9, dated 2012-03-15, still shows asterisks before the dot in glob expressions....
Chapter 1.3, on Page 5, shows glob expression syntax as follows:
*.some.site.com instead of
.some.site.com
FAQ 8.10 shows in the first example:
Code: Select all
Site google-analytics.com *.google-analytics.com
Accept from friend.com *.friend.com friend2.com *.friend2.com
Whereas the example immediately below it uses the simple glob rule instead of the asterisks:
Code: Select all
Site .facebook.com .fbcdn.net .facebook.net
Accept from .facebook.com .fbcdn.net .facebook.net .mafiawars.com .eamobile.com