I am not seeing the behavior you report. Browsing those sites does not allow cloudfront for me.
What I will say is that the only way for a site to tamper with NoScript's whitelist would be to attack a security hole in the browser itself. I doubt that a site like Cloudfront could do that without getting found out and slammed.
You definitely haven't checked 'Temporarily Allow Top-Level Sites by Default'?
Are you, by any chance, confusing cloudfront.com with cloudfront.net?
What I will say is that the only way for a site to tamper with NoScript's whitelist would be to attack a security hole in the browser itself. I doubt that a site like Cloudfront could do that without getting found out and slammed.
You definitely haven't checked 'Temporarily Allow Top-Level Sites by Default'?
Are you, by any chance, confusing cloudfront.com with cloudfront.net?