MozillaZine


OLD NoScript 1.1.4, bookmarks and places friendly

Talk about add-ons and extension development.
johnlgalt

User avatar
 
Posts: 228
Joined: January 25th, 2005, 12:18 pm
Location: 3rd rock

Post Posted June 23rd, 2005, 11:04 am

Well, then, your extension is serving a double purpose....giving users functionality as well as highlighting stumbling blocks in the current code that need to be addresses prior to a major release of the program.

Now, if only the programmers were to take note and start doing something about it.

Blue_Drache

User avatar
 
Posts: 30
Joined: September 29th, 2004, 12:47 pm
Location: Skei's Haven, Krynn

Post Posted June 23rd, 2005, 11:21 am

Ok, "Automatically reload current page when permissions change" is causing problems for me. If this is checked, and I change permissions on a page, FF crashes every time.

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4

Extention List:
Adblock v.5d2
Mozilla Calendar 0.8.3+
Deepest Sender 0.6.4
IE View 1.2.4
Tab Clicking Options 0.5.2
TBP 1.2.7.1
NoScript 1.0.9
BBCode 0.4.1.1
FoxyTunes 1.1.1
CuteMenus - Crystal 0.4a
ImgLikeOpera 0.5.5
ReloadEvery 0.6.1

I've disabled that option, via the UI and now only manually re-load the page if necessary. That seems to have helped fix the problem.

On another note, instituting the temporary whitelist is a stroke of pure brilliance! I absolutely love it! It will cut down on the time I spend erasing and then re-building the whitelist.
Lofting the cyberwinds on teknoleather wings, I am...
The Blue Drache
At home & work: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7

johnlgalt

User avatar
 
Posts: 228
Joined: January 25th, 2005, 12:18 pm
Location: 3rd rock

Post Posted June 24th, 2005, 9:10 pm

weird - I have like 60 extensions installed and don't have a problem with the auto reload..

But I can tell you that I don't have the majority of the ones you have installed - in fact, other than NoScript, the only ones I have that you have are Adblock, IE View, and ReloadEvery.

For the tab Clicking / TBP, I use Tab Mix Plus - covers most of the functions of both of those in one extension.

oldaccountbegone
 
Posts: 228
Joined: March 3rd, 2004, 7:18 am

Post Posted June 25th, 2005, 11:42 pm

A bug report:
With noscript enabled adblock does not completely remove the ads on osnews.com
PS: The ads are inside the <noscript> tags so its valid in a way...any workaround?
Last edited by oldaccountbegone on June 27th, 2005, 7:50 am, edited 1 time in total.

oldaccountbegone
 
Posts: 228
Joined: March 3rd, 2004, 7:18 am

Post Posted June 27th, 2005, 7:48 am

In the recent nightly builds noscript disables moving the caret by the left and right keys

oldaccountbegone
 
Posts: 228
Joined: March 3rd, 2004, 7:18 am

Post Posted June 27th, 2005, 7:53 am

Deleted...
Last edited by oldaccountbegone on July 3rd, 2009, 3:40 pm, edited 1 time in total.

Giorgio Maone

User avatar
 
Posts: 3516
Joined: September 21st, 2004, 12:05 am
Location: Palermo - Italy

Post Posted June 27th, 2005, 8:35 am

aliumalik wrote:In the recent nightly builds noscript disables moving the caret by the left and right keys

FIREFOX bug 296764, go and vote it...

aliumalik wrote:
aliumalik wrote:A bug report:
With noscript enabled adblock does not completely remove the ads on osnews.com
PS: The ads are inside the <noscript> tags so its valid in a way...workaround usercontent.css

Is there a reason for you quoting yourself ;) ?

Anyway, thank you for your reports :)

myrdd1n
 
Posts: 30
Joined: June 18th, 2004, 11:56 am

Post Posted June 27th, 2005, 9:19 am

I dont want to discourage you from developing this extension but just for people who are having a lot of trouble with crashes etc:-
I'm currently using Adblock PLUS extension with a filter to block *.js and then you can just use Adblock PLUS's whitelist option using @@ to enable javascript on selected site.

Unless ofcourse i'm overlooking some other feature that this extension provides?

UPDATE:-
hmm on second thought, this extension will also block embedded javascript code?

Giorgio Maone

User avatar
 
Posts: 3516
Joined: September 21st, 2004, 12:05 am
Location: Palermo - Italy

Post Posted June 27th, 2005, 9:37 am

myrdd1n wrote:hmm on second thought, this extension will also block embedded javascript code?


This extension blocks JavaScript activity, no matter if JS is embedded, downloaded or injected.
AdBlock just prevents .js (and other types of) files from being downloaded.
It means, as you can understand, that if malicious code is placed in an inline event handler or as content of the usual <script>...</script> tags (it's what you mean by "embedded", I guess), AdBlock can't help - this is a work for NoScript :)

Actually I think they work very nice together, providing full-fledged content control.

Talking about "troubles", as I said many times before, they are severe Firefox flaws (not NoScript fault), and I'm actively helping Mozilla developers to fix them...

myrdd1n
 
Posts: 30
Joined: June 18th, 2004, 11:56 am

Post Posted June 27th, 2005, 9:55 am

ah i see. yea when i meant trouble,I didnt mean theres something wrong with the code of noscript. I just wanted to suggest a temperory workaround for people who cant get it to work with current non trunk release of firefox(due to its bugs as you mentioned). As for the inline js code i guess you can also use grease monkey for it to replace the stuff inbetween <script>...</script> etc but thats probably way too hard for novice users and maybe less efficient.

I can see how this extension could be very useful and much more user friendly compared to the other options. Keep up the good work, appreciate it.

IceDogg
 
Posts: 657
Joined: July 24th, 2004, 11:26 am

Post Posted June 27th, 2005, 1:04 pm

another thought on this, for myrdd1n suggestion, I don't want to allow ads on all the sites I want to allow javascript on. And myrdd1n's suggestion would do that. There is very very few (handful) that I would ever allow ads on.. but lots of sites I trust to have javascript on.

TychoQuad
 
Posts: 1263
Joined: December 11th, 2002, 12:30 am
Location: Australia

Post Posted June 28th, 2005, 5:24 am

Feature Request:

The ability to have NoScript as a toolbar icon instead of a statusbar one.

fantasylover
 
Posts: 15
Joined: May 6th, 2005, 3:08 pm

Post Posted June 28th, 2005, 6:09 am

Giorgio Maone wrote:There's a browser safer than Firefox...
...it is Firefox with <a href="http://www.noscript.net" title="Have a safer Firefox with NoScript"/><img alt="NoScript" src="http://www.noscript.net/noscript/logo.png" /></a>!


NoScript - a Firefox extension for whitelist driven safe JavaScript execution

Features - Screenshots - FAQ - Download

RECENT CHANGELOG

v 1.0.9
=====================================================================
+ Temporarily allow URLs (for current session only): temporary items
are shown in italics font
+ Clean uninstall in Deer Park
+ Added jar: to the default white-list, to allow about:plugin
and other "special" URLs to work out-of-the-box
x Better work-arounds for Firefox synchronization bugs
x Fixed conflict when a "View Source" window was open


TODO:
Turn javascript: links into regular links where JS is disabled (zasxae)
Block plugins as well

Add your item to the list :)


NoScript is extremely dangerous! If you make the mistake of ticking the "Global Allow All Scripts". When this option get ticked, it takes full control of Firefox and will NEVER allow Firefox window to gain control so that you can uninstall NoScript. You also can't get back into NoScript options to untick this "global" box either, once it is ticked. Reason is because NoScript prematurely aborts somewhere and automatically launches QFA. No matter what or how you answer it automatically takes Firefox v1.0.4 out before you can scroll down to Extensions to bring up the Extensions Install Window to uninstall it. I thought about trying to install another extension to bring this install window up, but you can't unless Firefox is fully operational and "on top", which never happens as long as the "global" button is active. The error box I got seemed to indicate that the ActiveX script or XPI Script was corrupt or something that would cause it to terminate NoScript incorrectly. So if you can't uninstall NoScript because the coding has 100% control over Firefox and because you accidently tick the wrong box because by putting another URL in the include list (to temporarily allow access) would crash your computer by hogging resources, then how do you install NoScript? Well I found a way, but it is only for the most experienced hacker. Back up RegEdit before doing any modification to RegEdit or you could lose you entire operating system!!

1) Uninstall Firefox v1.0.x completely (everything) by normal methods. I uninstall programs by going into XP's Control Panel --> Add/Remove --> Firefox v.1.0.x

2) Reboot and then open RegEdit and search for "Firefox" and F3 through and examine every entry.

3) I ONLY deleted the Firefox entries that showed up in the Left Pane and DID NOT touch any entry in the Right Pane. The ONLY entries deleted ONLY had Firefox in the title. So, if in the Left Pane, you found something that said "Firetune for Firefox" or (for example) "Firefox Download Manager", I didn't delete those entries either, because those where separate programs not related to "Firefox" or "Firefox v1.0.x".

4) Once the correct entries were removed, you reboot the computer and re-download the Firefox installer program from Mozilla using another browser or find the copy of the installer that I hope you saved to an unique folder somewhere. Re-install EVERYTHING. I use the custom install.

5) If done correctly, all installed extensions that were previously installed, including NoScript (all bookmarks are there also). The difference is that now you can access NoScript, or uninstall it (if you wish), or untick the "Global Allow" box.

Firefox v1.0.x will now be fully operational and everything that worked before will work now. This "fix" worked for my situation, but may or may not work for others. It's dependent on what there circumstances are. I uninstalled NoScript, because I deem it "Rogue", because it had too much control over Firefox. So is Firefox any safer when using NoScript? Maybe, if it is used with default settings and the global box is never ticked. Will I ever use it or recommend it to be used to other Firefox users? No, If it means having to hack a back door into the Firefox Extension/Theme installer just to uninstall a "Rogue" extension. It's nothing but a big hassle. However, I now have my Firefox back as I had I it prior to installing NoScript and the fix worked for me. I'm happy and I didn't have to pay Mozilla Microsoft advising rates (Microsoft charges too much as is) for something that should be provided for free, IMHO.

BenBasson
Moderator

User avatar
 
Posts: 13671
Joined: February 13th, 2004, 5:49 am
Location: London, UK

Post Posted June 28th, 2005, 6:17 am

Why is there a global allow option? If you want that, just disable the extension...

Giorgio Maone

User avatar
 
Posts: 3516
Joined: September 21st, 2004, 12:05 am
Location: Palermo - Italy

Post Posted June 28th, 2005, 6:40 am

fantasylover wrote:NoScript is extremely dangerous! If you make the mistake of ticking the "Global Allow All Scripts". When this option get ticked, it takes full control of Firefox and will NEVER allow Firefox window to gain control so that you can uninstall NoScript.

I dont' know how to say it politely, but the above statements (and the "explainations" that follow them) are pure nonsense :shock:

All the Allow JavaScript Globally does is resetting the CAPS script security preferences to the default onen (as they were set prior to install NoScript).

Cusser wrote:Why is there a global allow option? If you want that, just disable the extension...


It's basically a shortcut which have tha same effect as disabling the extension but with less hassle (you don't need to operate the extension manager for enabling/disabling temporarily NoScript protection).

I thought it would be useful to someone (it has been to me during test), but actually I don't use it since weeks ;)
Anyway, the only danger related to it is that NoScript is disabled (which, indeed, is a BIG danger 8) )
Last edited by Giorgio Maone on June 30th, 2005, 2:08 am, edited 1 time in total.

Return to Extension Development


Who is online

Users browsing this forum: No registered users and 1 guest