temp permitted sites not showing on permissions tab
Posted: Sun Jan 18, 2026 12:44 pm
Hello. I have been using NoScript with great satisfaction for many years. I do now have a question that I have been unable to answer on my own.
When I first open my browser for a session, I open the NS Options page, to ensure that all settings are at my chosen defaults. On the General tab, I have checked: Strict Default/deny (recently added by developer); Restore restrictions...; Any capability blocked...; and under presets: on Default tab I have frame, fetch, noscript, & other checked; on Trusted tab I have all options allowed (checked); on Untrusted tab I have no options allowed (all unchecked). I do have 3 sites only permanently set to trusted: archive.org; cloudflare.com; proton.me. When I open a new site/page, I will temporarily trust only those scripts that are required to allow me to do what I need to on the page; before I leave the page, I revoke all temporary permissions. This usually behaves as expected, however, I have found a few exceptions that concern me because they do not fit my understanding of how NS is expected to work.
Occasionally I will go to a site/page and find that one of the scripts on that page is already set to be temporarily alowed. Now, I am as capable of user error as the next person, I freely admit that I could forget to do the Revoke command before leaving a page, or that a browser malfunction of some kind might leave NS settings at other than my defaults (that is the reason for my review on every new browser session). But the following just happened to me immediately after I began a browser session and had verfied my default NS settings, including my per-site permissions. I went to a Tides and Currents page at noaa.gov that I use every morning. To see what I need to on that page I must temporarily allow noaa.gov and unpkg.com, but there are 3 other sites that I do not need to allow to run scripts: arcgis.com; digitalgov.gov; & googletagmanager.com. When I visited this page and clicked the NS icon in my browser bar to temporarily allow the 2 required scripts, I found that googletagmanager.com was already set to be temporarily allowed, even though a few moments before I had looked at my NS per-site permissions page, and it was not shown. This behavior isn't isolated to the named page, I see it at least once a day on a variety of sites/pages. My recollection is that it does nearly always involve a script with a name that seems to identify it with Google.
Is this expected behavior? If so, is there any place that I can examine all scripts that are set to be enabled this way, since I am not seeing them in per-site permissions under options? I am currently using NS v 13.5.10 in Firefox 115.32.0esr running under WIndows 7 Professional. I see identical behavior on my laptop, which runs up to date Linux Mint, using the current Firefox browser with the current NS versiojn for that platform. Thank you.
When I first open my browser for a session, I open the NS Options page, to ensure that all settings are at my chosen defaults. On the General tab, I have checked: Strict Default/deny (recently added by developer); Restore restrictions...; Any capability blocked...; and under presets: on Default tab I have frame, fetch, noscript, & other checked; on Trusted tab I have all options allowed (checked); on Untrusted tab I have no options allowed (all unchecked). I do have 3 sites only permanently set to trusted: archive.org; cloudflare.com; proton.me. When I open a new site/page, I will temporarily trust only those scripts that are required to allow me to do what I need to on the page; before I leave the page, I revoke all temporary permissions. This usually behaves as expected, however, I have found a few exceptions that concern me because they do not fit my understanding of how NS is expected to work.
Occasionally I will go to a site/page and find that one of the scripts on that page is already set to be temporarily alowed. Now, I am as capable of user error as the next person, I freely admit that I could forget to do the Revoke command before leaving a page, or that a browser malfunction of some kind might leave NS settings at other than my defaults (that is the reason for my review on every new browser session). But the following just happened to me immediately after I began a browser session and had verfied my default NS settings, including my per-site permissions. I went to a Tides and Currents page at noaa.gov that I use every morning. To see what I need to on that page I must temporarily allow noaa.gov and unpkg.com, but there are 3 other sites that I do not need to allow to run scripts: arcgis.com; digitalgov.gov; & googletagmanager.com. When I visited this page and clicked the NS icon in my browser bar to temporarily allow the 2 required scripts, I found that googletagmanager.com was already set to be temporarily allowed, even though a few moments before I had looked at my NS per-site permissions page, and it was not shown. This behavior isn't isolated to the named page, I see it at least once a day on a variety of sites/pages. My recollection is that it does nearly always involve a script with a name that seems to identify it with Google.
Is this expected behavior? If so, is there any place that I can examine all scripts that are set to be enabled this way, since I am not seeing them in per-site permissions under options? I am currently using NS v 13.5.10 in Firefox 115.32.0esr running under WIndows 7 Professional. I see identical behavior on my laptop, which runs up to date Linux Mint, using the current Firefox browser with the current NS versiojn for that platform. Thank you.