Whitelisting subdomains for https connections only
Posted: Tue Dec 20, 2016 10:19 am
Is there a way to allow scripts to run on all subdomains of a site but only when sent over https? In other words is there a way to whitelist https://*.google.com ?
The "Forbid active web content unless it comes from a secure (HTTPS) connection" option is not what I am looking for because I still want to allow other http sites to run scripts.
The "Force the following sites to use secure (HTTPS) connections" option is also not what I am looking for because I still want http://*.google.com to be allowed to load but not allowed to run scripts. This option can also break OCSP when https://www.google.com is loaded OCSP queries http://clients1.google.com/ocsp which NoScript converts to https causing another OCSP query resulting in an infinite loop.
Thanks in advance for any suggestions.
The "Forbid active web content unless it comes from a secure (HTTPS) connection" option is not what I am looking for because I still want to allow other http sites to run scripts.
The "Force the following sites to use secure (HTTPS) connections" option is also not what I am looking for because I still want http://*.google.com to be allowed to load but not allowed to run scripts. This option can also break OCSP when https://www.google.com is loaded OCSP queries http://clients1.google.com/ocsp which NoScript converts to https causing another OCSP query resulting in an infinite loop.
Thanks in advance for any suggestions.