InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

Allow HTTPS scripts globally on HTTPS documents

https://forums.informaction.com/viewtopic.php?t=22544

Page 1 of 1

Allow HTTPS scripts globally on HTTPS documents

Posted: Fri Feb 03, 2017 8:15 pm
by therube
Allow HTTPS scripts globally on HTTPS documents


What is that doing, in general.

And if that is set, what is happening here, https://localbitcoins.com/, in particular?
If set, the site is Allowed - automatically-ish.
Does not show up in the site list (such that you can Allow/Disallow), only shows up in Untrusted.

XP
FF 51
NoScript 2.9.5.3

NoScript | Options | Advanced -> HTTPS => Permissions

Re: Allow HTTPS scripts globally on HTTPS documents

Posted: Fri Feb 03, 2017 8:37 pm
by barbaz
therube wrote:What is that doing, in general.
Exactly what it says. When you've got a HTTPS page loaded, any HTTPS scripts will be automatically Allowed there, but plain HTTP scripts won't.
therube wrote:If set, the site is Allowed - automatically-ish.
?
therube wrote:Does not show up in the site list (such that you can Allow/Disallow), only shows up in Untrusted.
That's expected. To understand why, watch how the menu changes when you Allow Scripts Globally.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited