InformAction Forums

When using NoScript with RequestPolicy, there's a lot of double-handling; third-party sites have to be whitelisted in both places.

This is by design, of course, but it would be helpful if we could think of a way to reduce it. The thing is, if you're running RP, then you don't really need NS to block third-party scripts.

Maybe NS could have a a mode where, if the top-level site is whitelisted, then all third-party scripts are allowed while on that site, on the assumption that RP will manage them. Kind of the opposite of 'Temporarily allow top-level sites by default'. This would be similar to the Host Permissions (or Tab Permissions) addon behavior, but managed via NoScript (which is more reliable and less quirky - and the whole point of this is to reduce double-handling, so you don't want to use those addons alongside NS).

Ideally, this would not involving whitelisting those sites, so if you later visit them as first-party sites, they're blocked, and if you change back to the default mode, you don't have to revoke any permissions. But that's not critical.

Anyone's thoughts? Any other potential approaches?

To be honest, I have always found the redundancy to be refreshing and keep security intervention proactive. I guess I am a glutton for punishment or a masochist, not sure. But the new version of RP, although I hate the interface, is much more relaxed in its absolutes, so that might be the useful compromise.

I use both as the RP 1.0 beta is very nice but I'm not sure if both together is a hinderance to each other. I hope they play nice with each other and strengthens Firefox's security.