Re: [Bug-gnuzilla] Suggestion: JavaScript button

[awakeyet]

" uBlock Origin, and uMatrix."
heavily shilled addons. I will never trust these. I don't know why there has been such a massive push for these, even adblock edge got taken down even though it was perfectly fine. has anyone here ever even audited these? actually looked through all the code and made sure there's nothing "talking or pinging back" or doing something that goes against security? lets not poison the well here. nobody knows whats running inside.

"NoScript is designed to block scripts based on the
scripts' location, not based on what Web page you are currently looking
at."

That's totally incorrect. NoScript clearly shows the scripts that are (trying) to run (but can't since NoScript autoblocks them by default) (thank God) directly related to the webpage that you are on. if you want to go a step further down the paranoia hole of coolness, many people have suggested using NoScript and Request Policy together.


"A new add-on should be developed that blocks scripts in a way more
similar to NoScript, but then allows all scripts on a given page in a
way more similar to LibreJS at the press of a button."

seriously, this the the "temporarily allow all" button from NoScript and personally I think it's an unwise button to click, yet it's important that the option be possible, although I would never ever use it. why make a whole new addon that does a fraction of what NoScript already does, but in a much more unsafe way?


"I don't know any _javascript_ or have the time to be learning a new skill
right now. That being said, I am prepared to offer a bounty for a
Firefox add-on that does the job well (i.e. in a reliable way, *not* the
simple but possibly unreliable method I suggested previously). I can
offer $50. Would anyone else like to join me?"

I'm in actual shock. I can't handle what I'm reading. you don't know any _javascript_ (or apparenly the slightest idea of how it works) and actually want to pay someone $50 to make an addon that does the same job worse, than another addon that does that and many other things..

Please don't take what I'm saying the wrong way. I'm being respectful to you by being straight forward with you. I value honesty and I hope you value mine. This is really silly m8.


25. Jan 2017 09:04 by address@hidden:

> > I would personally also file the sugestion to NoScript, uBlock Origin, and uMatrix.
>
> The developer of QuickJava also suggested NoScript, but I don't think
> NoScript's infrastructure is capable of handling the task any better
> than QuickJava is. NoScript is designed to block scripts based on the
> scripts' location, not based on what Web page you are currently looking
> at. This makes sense from NoScript's perspective since it's a security
> suite, but not particularly helpful for what I'm proposing.
>
> Actually, the closest add-on I can think of is LibreJS, with its
> "temporarily allow all scripts" button (or whatever it's called). But I
> don't think using LibreJS as a base would be very wise due to the way it
> blocks _javascript_ being slow and causing rendering errors in some cases.
> A new add-on should be developed that blocks scripts in a way more
> similar to NoScript, but then allows all scripts on a given page in a
> way more similar to LibreJS at the press of a button.
> > If its outside the interest of these projects as well I would likely
> > develop it myself if I were in your position.
>
> I don't know any _javascript_ or have the time to be learning a new skill
> right now. That being said, I am prepared to offer a bounty for a
> Firefox add-on that does the job well (i.e. in a reliable way, *not* the
> simple but possibly unreliable method I suggested previously). I can
> offer $50. Would anyone else like to join me?
>
> -- 
> Julie Marchant
> https://onpon4.github.io
>
> Protect your emails with GnuPG:
> https://emailselfdefense.fsf.org