InformAction Forums

I had a problem trying to order ink at HP a while ago. (The site loaded and I was able to place the order but was NOT able to insert credit card information.) therube told me the site needed speedera.net and hp-www.com. When I added hp-www.com the site worked.

I recently was at the site again and removed the hp-ww.com and replaced it with hp-www.com in my NoScript whitelist.

What is hp-ww.com and hp-www.com? If I don't have hp-ww.com allowed I can't click on much at the site; and without hp-www.com I can't insert the credit card information.

(I thought hp-ww was a mistake, but it shows up when I bring up NoScript.). Also, if they are both necessary my exported noscript list doesn't have hp-www. Can I just make sure are both in the whitelist and export a new whitelist?

Thank you.

Sincerely, Libra

Libra wrote:I had a problem trying to order ink at HP a while ago. (The site loaded and I was able to place the order but was NOT able to insert credit card information.) therube told me the site needed speedera.net and hp-www.com. When I added hp-www.com the site worked.

I recently was at the site again and removed the hp-ww.com and replaced it with hp-www.com in my NoScript whitelist.

What is hp-ww.com and hp-www.com? If I don't have hp-ww.com allowed I can't click on much at the site; and without hp-www.com I can't insert the credit card information.

The full domain name of hp-ww.com, before whitelisting, shows as welcome.hp-ww.com. But just adding hp-ww.com automatically includes "welcome." or
any sub-domain of hp-ww.com.
So yes, add that to your whitelist, or else temporarily allow it when you visit. It sounds as though you visit often, so whitelisting is fine.

I didn't find a hp-www.com, but only the master site, Is that the confusion?

In any event, with (or just hp.com) and hp-ww.com whitelisted (and speedera temp-allowed as per therube), I almost bought a new computer. Using a fake name, address, e-mail address, etc. I was able to enter a (fake) credit card number with no trouble. Then exited.

(I thought hp-ww was a mistake, but it shows up when I bring up NoScript.).

No mistake. It's the second-level domain name of what they call their welcome script or whatever.

Also, if they are both necessary my exported noscript list doesn't have hp-www. Can I just make sure are both in the whitelist and export a new whitelist?

Sure. But not hp-www.com, just the two above, as I did to make it work.
Or add them manually to your exported file, which is a simple text file and is easy to edit. Scroll down to "whitelist", and add them. Leave exactly one blank space between entries. After doing so, mine looks like this: I assume this is for importing to another machine?
If it's for backup purposes, it's better to back up your entire profile.

Thank you.

You're very welcome.

Thank you Tom. I apologize for the delay in getting back here. I removed the three sites for HP and wrote down hp.com, hp-ww.com and speedera.net. I go to HP if I'm having a problem with my printer or to order ink. I know they use web beacons there. I will refer to my notes when I have to go there and give temporary permission.

I will also use MozBackup. I didn't think of that regarding NoScript.

Sincerely, Libra

Libra wrote:I apologize for the delay in getting back here.

No problem!

I know they use web beacons there. I will refer to my notes when I have to go there and give temporary permission.

Good point: Why no "Forbid Web Bugs" for Trusted sites? I'll request that.

Thank you Tom.

You're very welcome. Will mark as resolved.

Got resolution on the "web bugs at trusted sites" here.

Good idea to only temp-allow HP, but you might check out the RequestPolicy add-on, which can block such cross-site requests even for an image (web bug), not just a script or code object, as NS does. It's a great addition to the safety arsenal anyway, and NS + RP complement each other beautifully.