InformAction Forums

I need to be able to whitelist a top level domain, not just second and third level subdomains. How can I do this?

I have added a top level domain, but it appears to be ignored.

DaVinci wrote:I need to be able to whitelist a top level domain, not just second and third level subdomains. How can I do this?

I have added a top level domain, but it appears to be ignored.

That is because whitelisting a TLD is virtually the same as "Scripts Globally Allowed (dangerous)", because you have no idea what second-level domains have registered, or will register, with that TLD in the future. Thus exposing you to the entire scripting universe of that TLD. This is why NS will not let you do this. Even .edu could have an evil person register some malicious site under an innocent-appearing *.edu subdomain name.

Trying to stretch the imagination, perhaps you have created some private, unregistered TLD on your own LAN or whatever. Just whitelist all sites within it, or whitelist the LAN IP of that internal domain, if that is really what you want to do.

Trying to stretch the imagination, perhaps you have created some private, unregistered TLD on your own LAN or whatever. Just whitelist all sites within it, or whitelist the LAN IP of that internal domain, if that is really what you want to do.

As a matter of fact, we do have a private tld and that tld is reachable over the public internet with several hundred well controlled subdomains. It is practicly impossible for a malicious person to register a subdomain that would have malicious code. At least no more possible than putting the code into an existing subdomains code.

DaVinci wrote:As a matter of fact, we do have a private tld and that tld is reachable over the public internet with several hundred well controlled subdomains. It is practicly impossible for a malicious person to register a subdomain that would have malicious code. At least no more possible than putting the code into an existing subdomains code.

If they're in the same subnet, then you can do it: http://noscript.net/features#shorthand

Unfortunately, I have the whole internet address range to deal with, so the shorthand method will not work.

If you have a complete list of the registered subdomains, then you could export your whitelist, add the list of subdomains, and re-import it.

Thrawn wrote:If you have a complete list of the registered subdomains, then you could export your whitelist, add the list of subdomains, and re-import it.

Unfortunently, I do not have such a list. This is why I needed to use the tld. I am not the controller of such things, only a lowly scripter.

DaVinci wrote:

Thrawn wrote:If you have a complete list of the registered subdomains, then you could export your whitelist, add the list of subdomains, and re-import it.

Unfortunently, I do not have such a list. This is why I needed to use the tld. I am not the controller of such things, only a lowly scripter.

The controller of such things needs to know that you need to know exactly which subdomains to whitelist, else you cannot have NoScript's full protection.
Please feel free to point the controller of such things to this topic, and perhaps to join the discussion.