InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

Temporarily allow top-level sites by default:

https://forums.informaction.com/viewtopic.php?t=12920

Page 1 of 1

Temporarily allow top-level sites by default:

Posted: Wed Feb 27, 2013 3:35 am
by klepto
If I enabled this it would be easier to manage what needs to be blocked, but could I be susceptible to drive by downloads?

Please give me some advice about this. Should I enable it?

Re: Temporarily allow top-level sites by default:

Posted: Wed Feb 27, 2013 4:47 am
by Thrawn
klepto wrote:If I enabled this it would be easier to manage what needs to be blocked, but could I be susceptible to drive by downloads?
You're right on both counts. You won't need to manually trust the top-level site any more, but if that site contains malicious code, it will be able to attack you.
Please give me some advice about this. Should I enable it?
I wouldn't enable it. It's just to make NoScript more acceptable to people who don't want to have to configure each site, but you can't take that kind of shortcut without being at risk.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited