body {
...
cursor: url(http://www.truck-trial-modelle.de/grafiken/man.cur), default;
...
}
It doesn't matter if the webpage is whitelisted or not in NoScript, the image for the cursor isn't displaying.
Only if i disable ClearClick in NoScript, the image for the cursor is displaying.
Because of this.
Actually, upon review, I'm gonna change this countermeasure in the near future: specifying an id won't work anymore, but custom cursors won't be affected unless there's a subdocument embedded in the page.
Giorgio Maone wrote:custom cursors won't be affected unless there's a subdocument embedded in the page.
Personally, I'd like to leave this protection on regardless of subdocument presence. When this change is made, could we please have an about:config-only preference that toggles whether the cursorjacking protection applies to all pages or only pages with subdocuments?
*Always* check the changelogs BEFORE updating that important software!
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.152 Safari/537.36
Giorgio Maone wrote:custom cursors won't be affected unless there's a subdocument embedded in the page.
Personally, I'd like to leave this protection on regardless of subdocument presence. When this change is made, could we please have an about:config-only preference that toggles whether the cursorjacking protection applies to all pages or only pages with subdocuments?
OK. Applying it independently from subdocument presence will probably add little or no security, but it's likely to be more efficient (no need to hit the DOM for checking).
