Feat Req: Block FB Like button JS from exec' on other sites
Posted: Sun Aug 22, 2010 8:25 am
Hi,
My first post here and it's a feature request. I love NoScript and couldn't imagine going back to surfing without it. However, I would like to make a suggestion based largely around privacy concerns:
Social networking sites such as Facebook require JS to be enabled in order to work. Therefore we allow facebook.com and fbcdn.com permissions in NoScript to let their scripts run. However, my concern is that when you surf other sites that have a Facebook "Like" button (or their ilk), they clearly have a back door entry into our facebook accounts. I am told which of my friends have previously "liked" the page, my language settings, and even my name.
I would like to be able to be logged into and using Facebook, and simultaneously surf other websites at the same time; without them knowing that I am logged into Facebook and other information which I believe that these other sites should not be privy to.
Thus I request and additional setting for NoScript, such that select sites for which I have enabled JS, have an option of specifying a "home" site. For example NoScript could store these preferences as:
Allow facebook.com on facebook.com
Allow fbcdn.com on facebook.com
Allow google.com on *
Which would translate into allowing JS from google.com on all sites to execute, while allowing JS from facebook.com and fbcdn.com to execute on pages from facebook.com only. NoScript would have to do a little extra work in storing these "allowed on" pages, and also a little extra work to check the URL of the current page.
I would much appreciate it if you could take this into consideration for future releases; and thank you for an already great product!
Cheers
My first post here and it's a feature request. I love NoScript and couldn't imagine going back to surfing without it. However, I would like to make a suggestion based largely around privacy concerns:
Social networking sites such as Facebook require JS to be enabled in order to work. Therefore we allow facebook.com and fbcdn.com permissions in NoScript to let their scripts run. However, my concern is that when you surf other sites that have a Facebook "Like" button (or their ilk), they clearly have a back door entry into our facebook accounts. I am told which of my friends have previously "liked" the page, my language settings, and even my name.
I would like to be able to be logged into and using Facebook, and simultaneously surf other websites at the same time; without them knowing that I am logged into Facebook and other information which I believe that these other sites should not be privy to.
Thus I request and additional setting for NoScript, such that select sites for which I have enabled JS, have an option of specifying a "home" site. For example NoScript could store these preferences as:
Allow facebook.com on facebook.com
Allow fbcdn.com on facebook.com
Allow google.com on *
Which would translate into allowing JS from google.com on all sites to execute, while allowing JS from facebook.com and fbcdn.com to execute on pages from facebook.com only. NoScript would have to do a little extra work in storing these "allowed on" pages, and also a little extra work to check the URL of the current page.
I would much appreciate it if you could take this into consideration for future releases; and thank you for an already great product!
Cheers