NoScript warns if using OpenID Authentication
Thank you very much for the sophisticated and helpful noscript addon, which are a lot of friends using.I have a concern with the XSS feature.When i use the OpenID Connect specification for...
View ArticleRe: NoScript breaks Amazon AWS Calculator page
You are running a very old version of NoScript. Please update NoScript to the latest development build (2.6.8.19rc2) and let us know if that solves your problem.If that does *not* help, could you leave...
View ArticleRe: Local links not working in FF28?
Giorgio Maone wrote:The way I was going to implement it is pretty simple, i.e. intercepting the load attempt in our nsIContentPolicy.shouldLoad() implementation and, if both the page and the...
View ArticleRe: InjectionChecker same-origin policy flaw
This has been deliberated design choice, based on:The availability of effective countermeasures against MITM attacks like the one you described (HSTS, ForceHTTPS, NoScript's built-in HTTPS...
View ArticleClik here to view.
Re: NoScript breaks Amazon AWS Calculator page
barbaz wrote:could you leave NoScript updated, try again to use the calculator with NoScript enabled, watch it fail, and post here any related messages you see in the Error Console...
View ArticleRe: NoScript breaks Amazon AWS Calculator page
It's not working because that's not the XSS filter that is triggering. Add^https?://([^/:]+\.)?cloudfront\.net/ver[0-9u]+/dictionary/(?:common|language/.+)\.txt(?:$|\?)to about:config ->...
View ArticleRe: block obnoxious loud videos
You could also disable the Flash plugin, which would kill a lot of them.
View ArticleRe: NoScript breaks Amazon AWS Calculator page
More and more sites are having problems with the content-type and content-disposition filtering, and in this case, I'm not sure that it's actually a mistake on Amazon's part.Perhaps these filters...
View ArticleRe: FlashGot doesn't always force use of my download manager
I'm not sure I understand your answer, Giorgio — it's not just intercepted audio/video files (some do get intercepted); sometimes regular program file downloads on some websites won't get intercepted...
View ArticleRe: InjectionChecker same-origin policy flaw
Please compare the following results; the first is with noscript.injectionCheck set to 2, the second with it set to 3 ...http://s3.postimg.org/tvjs0zzxf/noscrip ......
View ArticleRe: flashgot.[xxx].default folder suddenly appearing repeate
Schmye Bubbula wrote:Oh, thanks, Giorgio Maone— that was it.... What should it be set to? My Mac OS X "environmental variable" folder?/var/folders/WA/WA1FKS50GPyuWWLI++IggE+++TM/-Tmp-Is that right?It...
View ArticleRe: FlashGot doesn't always force use of my download manager
Schmye Bubbula wrote:But in any event, are you saying that there's nothing I can do to force it to always use DownThemAll, and even if there were, that it wouldn't be a good idea because "the built-in...
View ArticleRe: NoScript warns if using OpenID Authentication
Please check latest development build 2.6.8.20rc1, thank you.
View ArticleRe: InjectionChecker same-origin policy flaw
Please check latest development build 2.6.8.20rc1, thank you.
View ArticleClik here to view.
Re: InjectionChecker same-origin policy flaw
Confirmed fixed in development version. Thanks!
View ArticleNew reflections on Perspectives and notaries ?
are we going to re-examine the notaries question now that SSL is seriously broken?http://www.networknotary.org/firefox.htmlI can't believe that the open ended string was in TLS !There is also a...
View ArticleClik here to view.
Re: Local links not working in FF28?
barbaz wrote:Giorgio Maone wrote:Anyway I'd love to look at your implementation, thank you.sent by PMAfter a bit of testing and scrubbing Mozilla's source code, I've realized your approach, albeit...
View ArticleClik here to view.
Re: Local links not working in FF28?
Giorgio Maone wrote:your approach, albeit scary and necessarily incompleteI know Giorgio Maone wrote:So, if you don't mind, I'm gonna steal your idea, with many thanks.Fine by me, go for it! You're...
View ArticleRe: Bank of America Logging Me Out Without JS?
Are all the tabs reloaded when permissions change?If not, this behavior is easily explained, because while CAPS permissions where applied instantaneously, currently (post-CAPS) permissions are set...
View ArticleRFE: Resizable Options dialog
Per this post:Currently, the Options dialog is not resizable in Windows or Mac OS X, and in Linux, expanding it vertically just gives me a bigger blank space. It would be nice if the Options dialog...
View Article