Giorgio Maone wrote:@Reboneer: the fact a clean profile doesn't help leaves me totally puzzled, as everybody should have the same problem but you're the only one reporting it so far Does it happen with a specific site or on every domain you try to allow?
Every domain. Although, on a few (such as slashdot), it doesn't work even after closing/opening Firefox.
I love this extension but I have one request that would be a real time saver. When visiting a site that has java scripts from mulitple locations it would be convenient to be able to allow them all at once instead of having to choose allow script from as many as four or five domians or sites.
the problem with divincem's suggestion is that many domains have scripts that one would like to keep off the whitelist along with some which one would like to allow. However, an option to "allow all scripts on this page" might be helpful, and could solve my problem noted many times above on this thread.
I am a big fan and evangelist of NoScript. I think I have found a tiny bug, however.
I visited the site http://www.east.uk.com, and wanted to enable js for that domain but was unable to do it through the taskbar icon, which only ofrered "Allow scripts globally". I was able to do it by manually entering the domain, and suspect its weird second level domain is interfering with NoScript's allow-by-domain mechanism.
@Chris: should be fixed in the current "minor" upgrade, NoScript 1.1.4.5.061127 (direct link only, no AMO yet).
@Reboneer: any 3rd party anonymizer/firewall/antyspyware? Google bar or other Google goodies maybe (but clean profile... hrm)?
@divincem, virtdave: Bulk (cascade and/or checkbox driven) allowance and blacklist for recurrent annoyances are already my top priorities for feature development, but they require time to be done right and safely. Please be patient
I cannot watch videos on cnn.com unless I click Allow Scripts Globally.
Allowing all of the scripts on the page to run individually does not work.
Putting cnn.com on the white list does nothing.
There are many other sites where I have the same problem.
Do you often feel that you must be from another planet, or wish you were?
Forgive me if I'm posting this under the wrong thread, I didn't know where else.
I'm a big fan of NoScript and install it on every machine I use. It works very reliably. I have a question (possibly a feature req. too) though. Is it possible to allow scripts from somedomain.com to run always, but only if the current page comes from somedomain.com. I.e. if the scripts from somedomain.com are bound on a 3rd party side, say, externaldom.com, scripts from somedomain.com should not automatically run. This should be possible, isn't it? If not, is it too much to request this feature?
@Alfred Neuman: you need to allow cnn.com, cnn.net and about:blank.
@calt129: it's not currently possible. It doesn't make much sense from a strict security POV, because if you trust somedomain.com when it's the main page you have no reason not to trust when its script are embedded in a different page, but I can see its value as an ad-blocking feature ("block 3rd party scripts", much like the old "block 3rd party images" or "block 3rd party cookies" options). RFE accepted
@Alfred Neuman:
All the three of them? are you sure? could you try on a clean profile (@virtdave, could you do the same)?
Notice that initially you get an intermediate screen stating WMP 9 can't be detected, but it goes away after 1st run.
I could imagine such a feature could block unintended XSS-vulnerabilities (e.g. see most recent Google XSS news). I had mostly big pages like Amazon, Ebay, Google, Yahoo etc in mind. I want their home pages to be able to execute JS but not when 3rd party pages embed Google Ads, Amazon lookups, etc. In short, I trust Ebay-scripts only when I'm on ebay.com. I hope it's clear what I mean. Anyway, thanks for the acceptance and keep up the good work
cnn ... you need to allow cnn.com, cnn.net and about:blank
Works fine for me (SeaMonkey) with those settings.
Fire 750, bring back 250. Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript
Fire 750, bring back 250. Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript
mozillaZine is an independent Mozilla community and advocacy site. We're not affiliated or endorsed by the Mozilla Corporation but we love them just the same.