InformAction Forums

hello,

i'm trying to whitelist a https url. i have whitelisted the entire domain (it is listed without schema in the whitelist pane), but when i access the https://domainnamehere.com/ url, the noscript icon shows with a crossed red circle anyway, and the context menu only lists the complete https://domainnamehere.com/ url, does not offer to whitelist the domain only (without schema); the problem is that i have to whitelist it every time i visit the page, for some reason noscript does not remember this whitelisting. it does not add the absolute url to the whitelist, my guess is that's because the plain domain name is already there; it doesn't allow me to manually enter the absolute https:// url either.

i have tried to search the forum for "https whitelist", but it helpfully replied, that both of these words are too common to search for.

any suggestions will be appreciated.

mm, could you try forbidding the base domain and then reallowing it?
At that point, https://domain.com should be allowed as well.

ok, that worked. but why didn't the whitelist for the entire domain work?

Because of a CAPS (the internal Mozilla script management technology) parser implementation glitch, if you allow a domain with just one dot inside, you need to explicitly allow also the full addresses containing the same domain verbatim, otherwise they're not considered allowed. Subdomains, though, are automatically implied.
NoScript hides this implementation detail by adding http:// and https:// addresses behind the curtains as you add the base domain.
So what likely happened is that at a certain point https://domain.com got forbidden explicitly.