InformAction Forums

Can NoScript use whitelist just like RequestPolicy? Origin, destinations, origins-to-destinations. Will it be difficult to implement?

I don't understand what you mean; NoScript already has a whitelist similar to this, in Options-Whitelist.

Currently NoScript's whitelist applies globally, it's similar to 'Destinations tab' of RequestPolicy's whitelist. If I go to abc.com, Origins means I allow all requests from abc.com, Destinations means I allow all requests from def.com, Origins-to-destinations means I allow all request from def.com if I'm in abc.com.

newchina08 wrote:Currently NoScript's whitelist applies globally, it's similar to 'Destinations tab' of RequestPolicy's whitelist. If I go to abc.com, Origins means I allow all requests from abc.com, Destinations means I allow all requests from def.com, Origins-to-destinations means I allow all request from def.com if I'm in abc.com.

ABE FAQ may help accomplish your purpose. Also see sticky post, Site-Specific Permissions.

But ABE is not intuitive. I just wonder why RequestPolicy can do it, and why NoScript can't. They are similar, one is about request and the other is about script. And if I'm not wrong, I need to add sites to whitelist, then use ABE for advanced settings.



Isn't it much better using whitelist like this? Personally I think it maybe safer.

And I've seen that post (not all replies). But it started in 2009, and now it's 2012, I didn't see site-specific whitelist like RP. So I'm thinking is it difficult to implement?

Thrawn and I are working on an interface just for this purpose but in the meantime, the options provided are what you got at your disposal. You can use RP in conjunction with NS, like I do, so do the other two Tom and Thrawn who responded to you.

Also, NoScript 3.x for the desktop will make such site-specific permissions much more intuitive and part of a GUI. Unfortunately, it has not met projected schedule, partly because it involves a complete reworking of NS internals, and mostly due to the need to meet new Web threats, adjust NoScript to things broken by Firefox "updates" (recent NS release because of things that were broken by Fx 15+), etc. Please feel free to review the changelog to see how busy one sole developer has been to protect us quickly against each new threat.

It is still hoped to bring NoScript 3.0 to the desktop this autumn. Thank you for your patience.

In the meantime, if the ABE information is not clear to you, forum staff and members will be happy to help you with your specific needs.