Suggestion: Script scanner

[rshimizu12]

It would be helpful if there was Script scanner that would identify malicious and potential harmful scripts... It's a big hassle to unblock scripts until a page functions.

Thanks
Randy

[Thrawn]

There may be antivirus companies that sell such things, but it's a horrendously complicated and difficult task. JavaScript has a hundred ways to accomplish the same action, and can be obfuscated into an unreadable and undecipherable mass while still achieving the same result. Any efforts to automatically decipher it are going to be arduous, very limited, and easily circumvented.

Consider instead Giorgio's definition of trust: Will this site be accountable if it does or allows something malicious?
If so, then you can trust it. If not, then consider taking your business elsewhere.

[Tom T.]

You might also consider my somewhat more restrictive first test of need: Will the function I want work without this script source? If so, don't allow it. Keep the whiteliist and the Temp-Allow list as short as possible.

A bit of a hassle at first, but the sites you visit repeatedly quickly become permanently configured for you.

You might consider adding to the Untrusted list some or all of these sites as you encounter them. Then they will never clog the menu for you.

You might also consider the use of a third-party provider of a blocking HOSTS file, which prevents any attempt even to connect to their blacklisted sites, regardless of whether they attempt to run script. One such provider is
http://www.mvps.org/winhelp2002/hosts.htm
Currently has about 16,000 entries of adware, spyware, and malware sites.
That is not an official or personal endorsement, just that I've been using it for many years and been satisfied. I have no connection to that site.