InformAction Forums

I want to have anything at www.google.com over http to be blocked, but anything over https to be allowed.

I blocked everything, and then allowed https://www.google.com

After doing so and visiting an https Google site (such as Gmail), when I go back to http://www.google.com, the http version has been auto-added to my whitelist! What's going on here?

I don't think you can segregate an http://www.google.com from https://www.google.com. Both or neither I believe?

Looks like what I posted above is wrong .

If you first delete all matches for http://www.google.com (i.e. google.com, http://www.google.com and http://www.google.com) and then allow https://www.google.com (either by adding it manually in NoScript Options|Whitelist or having Appearance|Full Addresses checked, it should work as you expect it to: http:// is forbidden, https:// is allowed.
Please double check your whitelist, and that you've not checked by accident General|Temporarily allow top-level sites by default.

You may also be interested in NoScript Options|Advanced|HTTPS|Behavior.

Giorgio Maone wrote:If you first delete all matches for http://www.google.com (i.e. google.com, http://www.google.com and http://www.google.com) and then allow https://www.google.com (either by adding it manually in NoScript Options|Whitelist or having Appearance|Full Addresses checked, it should work as you expect it to: http:// is forbidden, https:// is allowed.
Please double check your whitelist, and that you've not checked by accident General|Temporarily allow top-level sites by default.

You may also be interested in NoScript Options|Advanced|HTTPS|Behavior.

Thanks Giorgio,

Turns out it was because I had "Allow sites opened through bookmarks" enabled. When I would click my main Google bookmark, it would auto-allow it, which makes sense. Works great now.

And that Advanced|HTTPS|Behavior page is just great, very useful. Thanks!