Implementation for blocking cursorjacking?
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.
This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.
Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.
This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.
Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
Implementation for blocking cursorjacking?
Is it possible to implement a setting to block/stop cursorjacking? If not, please explain in detail why not.
Please keep it clean, as I already have been attacked, ridiculed, backlashed and insulted over at forums.mozillazine for bring up this subject.
Thanks.
Please keep it clean, as I already have been attacked, ridiculed, backlashed and insulted over at forums.mozillazine for bring up this subject.
Thanks.
Re: Implementation for blocking cursorjacking?
Please explain in as much detail as possible what you mean with "cursorjacking" and why/how this should be blocked.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Implementation for blocking cursorjacking?
Blocking websites and/or third party websites from having access to the end users cursor. This answer is for your first two questions.Moonchild wrote:Please explain in as much detail as possible what you mean with "cursorjacking" and why/how this should be blocked.
I am not a developer, so I would not know how. This answer is for your third question.
Re: Implementation for blocking cursorjacking?
See: http://forum.palemoon.org/viewtopic.php ... 872#p22688
"Having access to" the mouse pointer can't be avoided, unless you mean any sort of "access" that wasn't mentioned yet...
Why should cursor manipulation be blocked, exactly? What is the alleged "jacking"? What is the perceived problem, exactly? Details, please.
As for the third, I meant to ask you "what would be the desired behavior instead?" in detail, too.
"Having access to" the mouse pointer can't be avoided, unless you mean any sort of "access" that wasn't mentioned yet...
Why should cursor manipulation be blocked, exactly? What is the alleged "jacking"? What is the perceived problem, exactly? Details, please.
As for the third, I meant to ask you "what would be the desired behavior instead?" in detail, too.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Implementation for blocking cursorjacking?
Moonchild wrote:See: http://forum.palemoon.org/viewtopic.php ... 872#p22688
"Having access to" the mouse pointer can't be avoided, unless you mean any sort of "access" that wasn't mentioned yet...
Why should cursor manipulation be blocked, exactly? What is the alleged "jacking"? What is the perceived problem, exactly? Details, please.
As for the third, I meant to ask you "what would be the desired behavior instead?" in detail, too.
Odd that the browser may control and stop websites from modifying popup windows [dom.disable], but can't stop websites from modifying or adding junk to the cursor.
User preference.
Making cursor disappear to pop in a .js app thingy jquery I think it's called.
Cursor disappears for a second or two when .js is injected into cursor.
For desired behavior would be, leavemycursoralone.
Re: Implementation for blocking cursorjacking?
jquery is a standard JavaScript library. See http://jquery.com/ It is benign
It's also not injected into the cursor but if you are worried that it might be somehow pulling in scripts through CSS cursors designated by URLs, that is not possible. Only images are allowed (and animated images are made static, too). .js can't be loaded into the cursor.
See: https://developer.mozilla.org/en-US/doc ... imitations
"leave cursor alone" should be possible by forcing it to "auto", see the other thread.
It's also not injected into the cursor but if you are worried that it might be somehow pulling in scripts through CSS cursors designated by URLs, that is not possible. Only images are allowed (and animated images are made static, too). .js can't be loaded into the cursor.
See: https://developer.mozilla.org/en-US/doc ... imitations
"leave cursor alone" should be possible by forcing it to "auto", see the other thread.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Implementation for blocking cursorjacking?
Moonchild wrote:jquery is a standard JavaScript library. See http://jquery.com/ It is benign
It's also not injected into the cursor but if you are worried that it might be somehow pulling in scripts through CSS cursors designated by URLs, that is not possible. Only images are allowed (and animated images are made static, too). .js can't be loaded into the cursor.
See: https://developer.mozilla.org/en-US/doc ... imitations
"leave cursor alone" should be possible by forcing it to "auto", see the other thread.
Ah so I think I am confused and was getting cursorjacking/clickjacking mixed up with jquery.
So may we restart over and ask for implementation of blocking jquery > cursor? I don't even know if that is the correct question or even if its possible.
Blocking stuff like this period, through the browser. Like maybe using a dom setting targeting anything that matches what ever are in these jquery's to be loaded next to the cursor?
Because one jquery javascript library was able to be blocked, and from my understanding, to block all cursor jquery's I would need a list of all of these library's that are made for the cursor..
example of blocking one globally: prettyloader
http://forums.informaction.com/viewtopi ... 86&#p67786
Since I am asking a new question "I think"
Is this above possible, blocking cursor jquery's through the browser core "dom setting"?
Please don't get mad.
Re: Implementation for blocking cursorjacking?
I don't think there's much you can do about websites using DHTML to create "floating elements" that follow the cursor. It's just using the normal web standards that are implemented in just about every browser to "prettify" the web site.
You can probably use an ad blocker to block specific elements you don't want to see, but it would be beyond the scope of Pale Moon to make selective preferences for every potential dynamic web CSS/HTML/Script rule out there.
And I'm not mad
You can probably use an ad blocker to block specific elements you don't want to see, but it would be beyond the scope of Pale Moon to make selective preferences for every potential dynamic web CSS/HTML/Script rule out there.
And I'm not mad
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Implementation for blocking cursorjacking?
Moonchild wrote:I don't think there's much you can do about websites using DHTML to create "floating elements" that follow the cursor. It's just using the normal web standards that are implemented in just about every browser to "prettify" the web site.
You can probably use an ad blocker to block specific elements you don't want to see, but it would be beyond the scope of Pale Moon to make selective preferences for every potential dynamic web CSS/HTML/Script rule out there.
And I'm not mad
I understand it way much better now. Maybe I'll build a personal [even up to making it public] list subscription of all standard known objects example of one:prettyloader.
Thanks a bunch, huge help.
Re: Implementation for blocking cursorjacking?
I remember seeing a menu item somewhere with a label like "prevent pages from modifying the cursor" (i.e. change it to a finger over a button, for example). I really can't remember if it was in an addon or though a GreaseMonkey script or a userstyle. I have never tried it, so I can't say if it worked only for cursors changed with a CSS or Javascript or if it worked in all cases. If you visit weird sites that have nasty ideas, it may prevent the website to litterally replace the cursor with a blank cursor. Otherwise, I'm not too sure of its usefullness.
Alas, I did a quick search and can't find it.
Alas, I did a quick search and can't find it.
Michel Gagnon
Montréal (Québec, Canada)
Montréal (Québec, Canada)
Re: Implementation for blocking cursorjacking?
Not sure if this is beyond the 'necro' timeline or not.
I use an addon called 'ControldeScripts' rather than NoScript. It allows global and custom profiles for editing what 'events' JavaScript can manipulate. This includes the 'MouseOver' and such events.
If you have issues with cursors being changed randomly, then I sincerely suggest scanning your computer for potential malware or just not visiting those specific websites. You can also use a proxy site to visit that website and see if it still works.
I use an addon called 'ControldeScripts' rather than NoScript. It allows global and custom profiles for editing what 'events' JavaScript can manipulate. This includes the 'MouseOver' and such events.
If you have issues with cursors being changed randomly, then I sincerely suggest scanning your computer for potential malware or just not visiting those specific websites. You can also use a proxy site to visit that website and see if it still works.