abe,untrusted,& elements
Posted: Mon Dec 17, 2012 1:52 am
hello Giorgio.
this is not really a bug report,but a features request.
1.)would it be possible for noscript to feed websites a false ip address?(mask the user's ip address.)
for example:the same way surrogates feed google search false/empty data.
how about showing websites/ads your ip address as 000.0.0.0???
2.)in abe,how come i can block data:image/png;base64, ,but i can't block data:image/png;base64,/ ???
for that matter,how come i can't block data:image/png;base64,/blahblah/blahblah/blahblah+blahblahblahblah...
same thing should apply to gif,jpg,bmp,& even data:image/svg+xml;base64, .
please,just add that functionality to abe.
3.)speaking of pictures...
while i know ns wasn't meant to be a picture blocker.it is!
3a.)is it possible for us to select our own picture replacements!?(any picture in any format from our hard-drives.)
this is useful for links under those pictures that are still needed.(otherwise,you are just pointlessly looking for
something you can't see.)
the abe rule should look something like this:
# TEST
Site http://www.example.com/a/pic.jpg=C:\Sub\picture.png
Deny
ofcourse,picture.png will replace pic.jpg within the webpage.
3b.)now,lets say i want to hide a link,and/or words.
for example:User avatar under somebody's avatar(not that i would,& the link/webpage would be blocked as well.),DCSIMG
under webtrends-live at mozilla.org/,or Loading under those annoying spinning gifs.
correct me if i'm wrong,but would the above abe rule be able to hide those links,and/or words???
i don't think picture size matters!?
after all webtrends-live picture is 1x1 pixels in size,but the DCSIMG has to be atleast 2x10 pixels.
if the above rule doesn't work,& i think it will in "this situation."
how about:
# TEST2
Site http://www.example.com/b/pic2.jpg_C:\Sub\Largepicture.png
Deny
please,add that functionality to abe/ns.
3c.)speaking of beacons/web bugs.
did you ever consider bringing that feature back?
privacy is part of security!!!
if not,how about automatically blocking any picture in any format that is 1x1 pixels in size from 1st,or 3rd party???
you would be surprised how many websites use their own in-house tracking(beacons/web bugs) ,& i'm tired of manually blocking them.
4.)could you please include wildcards ( * ) in abe!?
so,instead of:
sub1.example.com
sub2.example.com
sub3.example.com
it could be:
sub*.example.com
or
*.example.com
5.)is it possible to use the hosts file directly instead of untrusted?
provided one has a large list in C:\WINDOWS\system32\drivers\etc\hosts
i'm really tired of cross referencing sites/js from the hosts' block list!
the only stuff that should go into noscript's untrusted list.would be site specific js.(clearly,those can't be blocked
through hosts.)
6.)speaking of hosts...
Giorgio,have you ever thought of doing an update patch for the hosts file?
before you say no,hear me out.
6a.)i know that the OS/hosts can not read (* ,or #) ,but maybe the hosts should!
so,instead of:
???=com/'''=net
MAY RECAPTCHA ROT IN HELL!!!
it could be:
000.0.0.0 *doubleclick*
Note:no dots/dashes before,or after doubleclick,& doubleclick can be in the beginning/middle/end of any word.
6b.)for those legitimate websites who are foolish enough to stick their names into garbage/js,or ads.
for example:clicks.beap.bc.yahoo.com
how about:
000.0.0.0 +login.yahoo.com
000.0.0.0 +*.mail.yahoo.com
Note:the (+,& *) would allow all mail.yahoo.com server numbers.
the (+) would clearly bypass the 000.0.0.0 *yahoo*
legitimate pages are few,& far between.it's just easier to add them manually!
while the existing garbage/js,or ads,plus the new ones would be blocked.
you have to see the benefit in that!!!
the reason why it must be done in hosts,is because this would work for every browser.
instead of just ff with noscript.
Giorgio,please consider this!???
7.)about noscript...
Giorgio,i don't want to take away anything from your work/credits,or everyone who has helped!!!
however,i'm tired of dancing around it,& it accidentally opening.
we had all been there:
1.you clicked on the options,& the mouse jumps/jerks.
2.you clicked on the options,& started quickly to move away.
in both cases,the about noscript box had accidentally opened for the billionth time in a row.
WITH ALL DUE RESPECT,could you please put about noscript with a check-box in front of it into appearances?
8.)elements remover.
huh?what is this mess?
turn off,or block all js.then,hold the left mouse button down(don't accidentally open whatever you are clicking on) on an "absolutely positioned page element?" ,& hit the DELETE key.
yeah,that sounds very convenient.
especially,when i'm using a wireless mouse,& nowhere near a keyboard that i got unplugged anyway.(i use the on-screen keyboard from the start menu.)
Giorgio,how about this:
8a.)keep the js on.
8b.)lets use the "select" tool (cropped out rectangle) from paint.
8c.)use the right click button to crop out "any part" of the page,& let go.
8d.)you will see a new option in the right click menu.
Blocked
when you point to it.it will have 3 sub menus.
1.block.(obviously,whatever you had selected will disappear.)
2.collapse.(will make whatever you had selected collapse.then,turn into the restore(rectangle) ,& close (X) icons you see at the very top-right side of any browser.)
3.move,& collapse.(probably,in very distant/future updates.)
this one will have a circle(that you can click on,& drag it all over the page} in front of the restore(rectangle) ,& close (X) icons just like in number two.
this can be easily achieved by adopting,& improving upon the code used for embedding pictures/video into webpages.
then,use the code for that creepy little box(website feedback) that follows you around up,& down the page.
difference is,you will be able to move it around up,down,left,right,& leave it anywhere on the page.even in the middle.
all 3 options,& locations can be stored in untrusted.(or somewhere else.i don't really care.)
why save them?...because if you come back to that page,refresh it,or the same garbage appears on any subsequent page of that website.(for example:those annoying menus/links that appear at the top,& bottom of the page.)
they should be blocked!!!
just so we are clear:when i say blocked.i mean blocked.not hidden.
the same way when you hit the stop button,& the bottom of the page never loads.like that.
8e.)Giorgio,would it be possible to block only a part of something???
PLEASE,CONSIDER ALL OF THIS BEFORE YOU SAY NO???
i know i'm forgetting something,but this is more than enough.
@ Tom T.(anyone else.)
i know you like to over analyze every word,but i'm not going to argue with you for the next 10,or 20 pages about every little detail.(especially,considering how much i have here.)
so,i'm only going to say this:
1.i clearly remember some people saying,"it can't hurt to ask" for features requests.
don't suppose you remember one of those people,now would you?
2.no,i'm not installing 100 different plug-ins to get some of that functionality.
this is not really a bug report,but a features request.
1.)would it be possible for noscript to feed websites a false ip address?(mask the user's ip address.)
for example:the same way surrogates feed google search false/empty data.
how about showing websites/ads your ip address as 000.0.0.0???
2.)in abe,how come i can block data:image/png;base64, ,but i can't block data:image/png;base64,/ ???
for that matter,how come i can't block data:image/png;base64,/blahblah/blahblah/blahblah+blahblahblahblah...
same thing should apply to gif,jpg,bmp,& even data:image/svg+xml;base64, .
please,just add that functionality to abe.
3.)speaking of pictures...
while i know ns wasn't meant to be a picture blocker.it is!
3a.)is it possible for us to select our own picture replacements!?(any picture in any format from our hard-drives.)
this is useful for links under those pictures that are still needed.(otherwise,you are just pointlessly looking for
something you can't see.)
the abe rule should look something like this:
# TEST
Site http://www.example.com/a/pic.jpg=C:\Sub\picture.png
Deny
ofcourse,picture.png will replace pic.jpg within the webpage.
3b.)now,lets say i want to hide a link,and/or words.
for example:User avatar under somebody's avatar(not that i would,& the link/webpage would be blocked as well.),DCSIMG
under webtrends-live at mozilla.org/,or Loading under those annoying spinning gifs.
correct me if i'm wrong,but would the above abe rule be able to hide those links,and/or words???
i don't think picture size matters!?
after all webtrends-live picture is 1x1 pixels in size,but the DCSIMG has to be atleast 2x10 pixels.
if the above rule doesn't work,& i think it will in "this situation."
how about:
# TEST2
Site http://www.example.com/b/pic2.jpg_C:\Sub\Largepicture.png
Deny
please,add that functionality to abe/ns.
3c.)speaking of beacons/web bugs.
did you ever consider bringing that feature back?
privacy is part of security!!!
if not,how about automatically blocking any picture in any format that is 1x1 pixels in size from 1st,or 3rd party???
you would be surprised how many websites use their own in-house tracking(beacons/web bugs) ,& i'm tired of manually blocking them.
4.)could you please include wildcards ( * ) in abe!?
so,instead of:
sub1.example.com
sub2.example.com
sub3.example.com
it could be:
sub*.example.com
or
*.example.com
5.)is it possible to use the hosts file directly instead of untrusted?
provided one has a large list in C:\WINDOWS\system32\drivers\etc\hosts
i'm really tired of cross referencing sites/js from the hosts' block list!
the only stuff that should go into noscript's untrusted list.would be site specific js.(clearly,those can't be blocked
through hosts.)
6.)speaking of hosts...
Giorgio,have you ever thought of doing an update patch for the hosts file?
before you say no,hear me out.
6a.)i know that the OS/hosts can not read (* ,or #) ,but maybe the hosts should!
so,instead of:
Code: Select all
marketing(dot)2clickindustries(dot)???;anon(dot)2click(dot)speedera(dot)''';ad-g(dot)2click(dot)''';
ad(dot)ae(dot)2click(dot)''';pagead-dclk(dot)l(dot)2click(dot)???;2click(dot)ne(dot)jp;2click(dot)co(dot)uk;
www3(dot)2click(dot)''';www(dot)2click(dot)''';2click(dot)us;2click(dot)gov;2click(dot)whatever.MAY RECAPTCHA ROT IN HELL!!!
it could be:
000.0.0.0 *doubleclick*
Note:no dots/dashes before,or after doubleclick,& doubleclick can be in the beginning/middle/end of any word.
6b.)for those legitimate websites who are foolish enough to stick their names into garbage/js,or ads.
for example:clicks.beap.bc.yahoo.com
how about:
000.0.0.0 +login.yahoo.com
000.0.0.0 +*.mail.yahoo.com
Note:the (+,& *) would allow all mail.yahoo.com server numbers.
the (+) would clearly bypass the 000.0.0.0 *yahoo*
legitimate pages are few,& far between.it's just easier to add them manually!
while the existing garbage/js,or ads,plus the new ones would be blocked.
you have to see the benefit in that!!!
the reason why it must be done in hosts,is because this would work for every browser.
instead of just ff with noscript.
Giorgio,please consider this!???
7.)about noscript...
Giorgio,i don't want to take away anything from your work/credits,or everyone who has helped!!!
however,i'm tired of dancing around it,& it accidentally opening.
we had all been there:
1.you clicked on the options,& the mouse jumps/jerks.
2.you clicked on the options,& started quickly to move away.
in both cases,the about noscript box had accidentally opened for the billionth time in a row.
WITH ALL DUE RESPECT,could you please put about noscript with a check-box in front of it into appearances?
8.)elements remover.
huh?what is this mess?
turn off,or block all js.then,hold the left mouse button down(don't accidentally open whatever you are clicking on) on an "absolutely positioned page element?" ,& hit the DELETE key.
yeah,that sounds very convenient.
especially,when i'm using a wireless mouse,& nowhere near a keyboard that i got unplugged anyway.(i use the on-screen keyboard from the start menu.)
Giorgio,how about this:
8a.)keep the js on.
8b.)lets use the "select" tool (cropped out rectangle) from paint.
8c.)use the right click button to crop out "any part" of the page,& let go.
8d.)you will see a new option in the right click menu.
Blocked
when you point to it.it will have 3 sub menus.
1.block.(obviously,whatever you had selected will disappear.)
2.collapse.(will make whatever you had selected collapse.then,turn into the restore(rectangle) ,& close (X) icons you see at the very top-right side of any browser.)
3.move,& collapse.(probably,in very distant/future updates.)
this one will have a circle(that you can click on,& drag it all over the page} in front of the restore(rectangle) ,& close (X) icons just like in number two.
this can be easily achieved by adopting,& improving upon the code used for embedding pictures/video into webpages.
then,use the code for that creepy little box(website feedback) that follows you around up,& down the page.
difference is,you will be able to move it around up,down,left,right,& leave it anywhere on the page.even in the middle.
all 3 options,& locations can be stored in untrusted.(or somewhere else.i don't really care.)
why save them?...because if you come back to that page,refresh it,or the same garbage appears on any subsequent page of that website.(for example:those annoying menus/links that appear at the top,& bottom of the page.)
they should be blocked!!!
just so we are clear:when i say blocked.i mean blocked.not hidden.
the same way when you hit the stop button,& the bottom of the page never loads.like that.
8e.)Giorgio,would it be possible to block only a part of something???
PLEASE,CONSIDER ALL OF THIS BEFORE YOU SAY NO???
i know i'm forgetting something,but this is more than enough.
@ Tom T.(anyone else.)
i know you like to over analyze every word,but i'm not going to argue with you for the next 10,or 20 pages about every little detail.(especially,considering how much i have here.)
so,i'm only going to say this:
1.i clearly remember some people saying,"it can't hurt to ask" for features requests.
don't suppose you remember one of those people,now would you?
2.no,i'm not installing 100 different plug-ins to get some of that functionality.
.
