Hi,
I'm using some network hardware (gateway, printserver etc) which have web interfaces for configuration. So I think it would be helpful if noscript would auto whitelist local ip adresses (192.168.x.y).
Feature request: auto whitelist local ips
Feature request: auto whitelist local ips
Mozilla/5.0 (X11; Linux i686; rv:8.0) Gecko/20100101 Firefox/8.0
Re: Feature request: auto whitelist local ips
Without even trying to think of ways in which this could be misused (exploited), is it really so difficult to click *once* on "Allow 192.168.1.1", as I once did, and never have to bother again? (I have a similar setup.)
Or to open NoScript > Options > Whitelist and add https://192.168.1.1? (I'm assuming you took the additional precaution of configuring the router's Web interface to accept only secure, https connections.)
Being a holiday, I'll leave to others the challenge of finding exploits for the fact that not all hw uses the same local IP, so the proposal would indeed have to be in the wildcard form of 192.168.*.*. ... or whether any hw uses other non-publicly-routable spaces, like 5.x or 10.x. (Hamachi VPN uses 5.x.x.x)
Tongue-in-cheek, couldn't the "allow" have been done more quickly than the post here?
Happy Thanksgiving Day from the USA!
Or to open NoScript > Options > Whitelist and add https://192.168.1.1? (I'm assuming you took the additional precaution of configuring the router's Web interface to accept only secure, https connections.)
Being a holiday, I'll leave to others the challenge of finding exploits for the fact that not all hw uses the same local IP, so the proposal would indeed have to be in the wildcard form of 192.168.*.*. ... or whether any hw uses other non-publicly-routable spaces, like 5.x or 10.x. (Hamachi VPN uses 5.x.x.x)
Tongue-in-cheek, couldn't the "allow" have been done more quickly than the post here?
Happy Thanksgiving Day from the USA!
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.24) Gecko/20111103 Firefox/3.6.24
-
Alan Baxter
- Ambassador
- Posts: 1586
- Joined: Fri Mar 20, 2009 4:47 am
- Location: Colorado, USA
Re: Feature request: auto whitelist local ips
I think that's covered already by subnet matching.Ostfriese wrote:I think it would be helpful if noscript would auto whitelist local ip adresses (192.168.x.y).
http://noscript.net/features#sitematching
Whitelisting 192.168 should allow your whole subnet.
Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20100101 Firefox/8.0
Re: Feature request: auto whitelist local ips
Thanks to Alan for pointing to that. However, you still might consider considering securing the web interface to allow only https connections.Alan Baxter wrote:I think that's covered already by subnet matching.Ostfriese wrote:I think it would be helpful if noscript would auto whitelist local ip adresses (192.168.x.y).
http://noscript.net/features#sitematching
Whitelisting 192.168 should allow your whole subnet.
The FAQ isn't clear on whether subnet matching permits protocol matching as well, e. g. https://192.168.
Which is why Giorgio's FAQ and my humble opinion are in agreement:
Disconnect from the internet for safety, open the interface, allow 192 etc., configure to https if not already done so. Probably have to re-login to https://192.whatever. Then allow https://192.168.whatever.whatever yours is, and revoke the permission for http://192.etc.Giorgio Maone wrote:By the way, most of the time you prefer not to fiddle with your whitelist manually: just use the NoScript "Allow" and "Forbid" menu items, it's much simpler and error free!
Just hardening it a little bit more, says the guy in the tinfoil hat.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.24) Gecko/20111103 Firefox/3.6.24