Want to talk about NoScript? Post here. Topic is solved

General discussion, compatibility and contributed extensions.

Moderators: FranklinDM, Lootyhoof

Nightbird
Fanatic
Fanatic
Posts: 248
Joined: 2016-07-18, 21:12

Re: Why is my topic closed??

Post by Nightbird » 2018-05-12, 01:42

I don't know if you are a beginner but this link can (perhaps) help you (even with FF) :

https://www.ghacks.net/2016/03/25/noscr ... ers-guide/
Last edited by Nightbird on 2018-05-12, 01:45, edited 1 time in total.
Diversity is key.

Skaendo
Apollo supporter
Apollo supporter
Posts: 46
Joined: 2016-02-28, 21:58

Re: Need for NoScript is a failure of browser community

Post by Skaendo » 2018-05-12, 01:57

BugRepor42 wrote:So how about stopping auto play HTML5 videos by default? How about preventing cross-domain JS? How about doing something about browser fingerprinting?!
I do all these things, albeit via add-ons. It would be nice to have a browser that did all this stuff at its core.

User avatar
Pallid Planetoid
Knows the dark side
Knows the dark side
Posts: 3498
Joined: 2015-10-06, 16:59
Location: Los Angeles CA USA

Re: Why is my topic closed??

Post by Pallid Planetoid » 2018-05-12, 02:12

First of all -- the thing I'm most upset about is Pale Moon support locking threads on this subject. Please -- this should be an open forum and just because people in high places feel that everything has been covered should not in my opinion take it upon themselves to shutdown discussion.

I frankly do not have much of a problem with what has been implemented concerning NoScript -- but I am darn upset over shutting down civilized free speech in a forum discussion board.

Clearly it's not at all a problem to keep using NoScript as has been pointed out many times:
The method to keep using Pale Moon is clear enough
The method to keep using Pale Moon is clear enough
With that said -- as we all know it is up to the user to know what to do to get a website to render correctly using NoScript. And I wanted to just add that it's not just blocking Scripts that NoScript provides users for an additional level of security but there are also many other security functions that NoScript provides to users as well two of which I personally use extensively my self that help avoid potential critical security issues.

Simply take a look at all the security options available in NoScript beyond that of various levels of script blocking: https://noscript.net/features i.e. XSS protection, HTTPS enforcement, Clickjacking protection, ABE to name just a few. Then there is also Site matching, Untrusted blacklist, Cross-Site Scripting (XSS), but getting back to ABE (which is worth reading about in this link) which is in my view arguably the most important is perhaps by itself worth using NoScript. Of course websites will break when (ABE) "rule-sets" do not do the job as a result of website changes but that's part of keeping a user as safe as possible while navigating the web.

So NoScript is clearly NOT just simply a Script blocker which is an important point to keep in mind -- fact is -- NS provides many levels of security that perhaps most users do not even take the time to use -- but the fact remains these options are available many of which are very important regarding keeping users safe on the web.
Last edited by Pallid Planetoid on 2018-05-12, 02:21, edited 1 time in total.
Current Pale Moon(x86) Release | WIN10 | I5 CPU, 1.7 GHz, 6GB RAM, 500GB HD[20GB SSD]
Formerly user Pale Moon Rising - to provide context involving embedded reply threads.
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
Knowing Pale Moon is indisputably #1 is defined by knowing the totality of browsers. - Pale Moon Rising

User avatar
WilliamK
Fanatic
Fanatic
Posts: 184
Joined: 2018-02-23, 06:51

Re: Why is my topic closed??

Post by WilliamK » 2018-05-12, 04:08

craftsman wrote:the person who banned NoScript in PaleMoon is an idiot who created unnecessary problems for people
I believe that you have this back to front. The people that develop and encourage the use of NoScript type extensions are the idiots, because JavaScript has always been an integral part of web page design and navigation.

For a little insight, go to any web site based on a CMS like WordPress, Joomla, Drupal and Moodle and view the source code, taking note of just how many scripts are loading on every page. Different plugins and different themes each use different scripts for different functions, so how do the monkey brains that develop NoScripts differentiate between any of them???

Also, if scripts cannot be free to do their job, then it may be unlikely that web pages will look and function properly in any browser, because without browser detection, the page cannot be adjusted to suit. Yep, every web browser supports different script functions and renders CSS differently, with obvious differences showing by 1 pixel in images and unexplained spaces in tables and divs.

User avatar
adesh
Keeps coming back
Keeps coming back
Posts: 805
Joined: 2017-06-06, 07:38

Re: Need for NoScript is a failure of browser community

Post by adesh » 2018-05-12, 05:20

BugRepor42 wrote:Ironically, only Chrome seems to be making any kind of effort to stem the tide of sewage that is unfiltered web browsing.
Hillarious! You seem to be the only person that has this kind of opinion about Google, most of the people think the opposite. People using Chrome and praising it are ignorant and brainwashed who easily believe marketing lies without digging the truth themselves.

Can you name a few things Chrome has done to improve user's privacy and security? Can you opt-out of data collection by Google? I, actually everyone here, would like to hear.

BugRepor42 wrote:So how about stopping auto play HTML5 videos by default? How about preventing cross-domain JS? How about doing something about browser fingerprinting (https://panopticlick.eff.org/) ?!
Pale Moon is one of the most un-fingerprintable browser out there. Search forums first to know, but if you still have doubts, post a new topic with specific question.
You clearly need to do your homework.

modball
Moongazer
Moongazer
Posts: 7
Joined: 2018-03-24, 19:55

Re: Why is my topic closed??

Post by modball » 2018-05-12, 05:40

WilliamK wrote:
craftsman wrote:the person who banned NoScript in PaleMoon is an idiot who created unnecessary problems for people
I believe that you have this back to front. The people that develop and encourage the use of NoScript type extensions are the idiots, because JavaScript has always been an integral part of web page design and navigation.

For a little insight, go to any web site based on a CMS like WordPress, Joomla, Drupal and Moodle and view the source code, taking note of just how many scripts are loading on every page. Different plugins and different themes each use different scripts for different functions, so how do the monkey brains that develop NoScripts differentiate between any of them???

Also, if scripts cannot be free to do their job, then it may be unlikely that web pages will look and function properly in any browser, because without browser detection, the page cannot be adjusted to suit. Yep, every web browser supports different script functions and renders CSS differently, with obvious differences showing by 1 pixel in images and unexplained spaces in tables and divs.

We all know this. Hardly anybody who uses a FF/Mozilla fork does not understand how the web works. You're just encouraging everyone to drop their guard, allow a any and every malicious script to run on their computer *twirls hair* without any browser safeguards. What marketing firm pays your wage again?

Sorry, save your BS for the new hires in your salesforce chat.
Last edited by modball on 2018-05-12, 05:59, edited 1 time in total.

User avatar
BlueOwl
Moonbather
Moonbather
Posts: 58
Joined: 2018-04-24, 15:55

Re: Need for NoScript is a failure of browser community

Post by BlueOwl » 2018-05-12, 06:17

BugRepor42 wrote:The certainly didn't create Peeping Zuck and his Facebook.
But you allowed these abuses to stand.
So it's Pale Moon's fault now, that users keep on trying to make use of websites and services known to hoard excessive amounts of data?
BugRepor42 wrote:Ironically, only Chrome seems to be making any kind of effort to stem the tide of sewage that is unfiltered web browsing.
They collect all your data (and then some), with which they can figure out your routine and pretty much anything you like/do.
BugRepor42 wrote:If you did a better job curbing abuses.
I thought the Pale Moon team's job was designing a browser, not redesigning the whole world wide web. But just in case, they released two adblockers that specifically cater to PM (so no compatibility problems) and other security extensions are still compatible.
BugRepor42 wrote:Instead you chose to focus on how fast websites load (plenty fast for the last DECADE) and how much RAM browser take (I have plenty to waste!).
I don't have any RAM to waste, and other people here have even less than I do.
BugRepor42 wrote:It is unfortunate that Pale Moon chose to blacklist NoScript instead of being proactive in addressing the underlying reasons why people feel the need to use it.
Moonchild and other members of the PM team have already explained this clearly, so I won't touch on this point. However, you do need to realize the PM team doesn't have unlimited manpower and resources, and they try their best to find a sane balance between what users want and what can actually be done. Scripts are used by nearly all sites as of now. If you have any plan on how to tackle this issue without making irreversible changes to browser configuration, you're free to contribute.
BugRepor42 wrote:How about doing something about browser fingerprinting (https://panopticlick.eff.org/) ?!
Canvas poisoning, anyone? :coffee: :coffee:

User avatar
WilliamK
Fanatic
Fanatic
Posts: 184
Joined: 2018-02-23, 06:51

Re: Why is my topic closed??

Post by WilliamK » 2018-05-12, 07:13

modball wrote:You're just encouraging everyone to drop their guard, allow a any and every malicious script to run on their computer *twirls hair* without any browser safeguards. What marketing firm pays your wage again?
Malicious script? And you claim to know all there is to know about web stuff?

Unless you are using a browser that may have empowered JavaScript to do more than what has for years been safe ground, such as Chrome, I may be concerned, but JavaScript is not empowered to interact with your OS at system level.

AS for "twirls hair" I have not used anti-virus software for more than a decade and only started using an add-on to block ads a couple of weeks ago, and I have never experienced or suffered any of the diabolical BS that you are farting about.

User avatar
adesh
Keeps coming back
Keeps coming back
Posts: 805
Joined: 2017-06-06, 07:38

Re: Why is my topic closed??

Post by adesh » 2018-05-12, 07:15

modball wrote:You're just encouraging everyone to drop their guard, allow a any and every malicious script to run on their computer *twirls hair* without any browser safeguards.
I guess your response is more directed towards William, but in case you are addressing the Pale Moon community and it's specifically about NoScript, here's what I have to say:

It is a reality today that Web does not function properly without JavaScript, so to leverage full "potential" scripts have to be enabled. We all have to deal with it. If you do not want functionality provided by the scripts, you have that choice and you can disable them using an extension solution. And that has to be YOUR decision.

No one is encouraging to drop your guard. All the team is doing is giving a warning that you current "guard" does not work well with their product core and cause bumps down the road, while on the surface it might seem to be working. But here also you have a choice to use it despite the warning, and that has to be your conscious decision.
They are just "encouraging" you to find a "guard" which works in harmony with the product, and not against it.
Off-topic:
I, myself, block as much cruft as I can. I was using NoScript until last year when I switched to uMatrix. I do not use AdBlocker. I also block certain connections at system level. Things are easier for me due to my technical background.

RJARRRPCGP
Lunatic
Lunatic
Posts: 337
Joined: 2015-06-22, 19:48
Location: USA (North Springfield, Vermont)
Contact:

Re: Why is my topic closed??

Post by RJARRRPCGP » 2018-05-12, 08:21

Unfortunately, JS is a known vector of malware! I will not just go ahead and accept all JSes and use a blacklist instead of a whitelist! There's too many malscripts out there!

User avatar
Admin
Site Admin
Site Admin
Posts: 292
Joined: 2012-05-17, 19:06

Re: Why is my topic closed??

Post by Admin » 2018-05-12, 08:23

Pale Moon Rising wrote:First of all -- the thing I'm most upset about is Pale Moon support locking threads on this subject. Please -- this should be an open forum and just because people in high places feel that everything has been covered should not in my opinion take it upon themselves to shutdown discussion.
The intent is not to shut down discussion, but to reduce repetition and rhetoric. Even this more discussion-focused thread (even if started with an "I'm leaving because..!!!") is quickly being reduced to bickering in a matter of a few posts because people are simply getting on their high horses and not getting off of them.
Before discussion can take place, people need to calm down, read and understand the problem, but above all accept it without calling other people (in this case Moonchild) idiots for doing what they think is best for everyone.
Did you know that moral outrage triggers the pleasure centers of the brain? It's unlikely you can actually get addicted to outrage, but there is plausible evidence that you can become strongly predisposed to it.
Source: https://www.bbc.co.uk/programmes/p002w557/episodes/downloads - "The cooperative species" and "Behaving better online"

sponge_bob_128
Newbie
Newbie
Posts: 4
Joined: 2018-05-12, 00:02

Re: Why is my topic closed??

Post by sponge_bob_128 » 2018-05-12, 09:23

I had a post deleted (not just locked) that merely noted that you could mistakenly think that the NoScript Warning Popup was never ending if you had multiple profiles and got confused (there were other guys who posted that it kept popping up). So basically, if you see it again you are in another profile (another account(sandbox)/Machine/Virtual Machine/VNC,etc). This confusion may have "triggered" some people because an incessant popup would be very bad. Now my post may have been too esoteric (applies to nobody but me)....

User avatar
Isengrim
Board Warrior
Board Warrior
Posts: 1058
Joined: 2015-09-08, 22:54
Location: 127.0.0.1
Contact:

Re: I'm overreacting and leaving because NoScript.

Post by Isengrim » 2018-05-12, 10:34

craftsman wrote:In FireFox the Noscript works fine! :thumbup:
NoScript can still be installed and run in Pale Moon. Nothing has changed in that regard.

I was also under the impression that ClearClick protection and ABE doesn't yet work in NoScript 10.x, but I could be wrong.
Linux Mint 19.2 Cinnamon (64-bit), Windows 7 (64-bit), Windows 10 build 1803 (64-bit)
"As long as there is someone who will appreciate the work involved in the creation, the effort is time well spent." ~ Tetsuzou Kamadani, Cave Story

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 25768
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: Need for NoScript is a failure of browser community

Post by Moonchild » 2018-05-12, 12:57

Just give it a rest already.
"There will be times when the position you advocate, no matter how well framed and supported, will not be accepted by the public simply because you are who you are." -- Merrill Rose
Image

eldorel
Newbie
Newbie
Posts: 6
Joined: 2018-05-12, 12:33

Re: I'm overreacting and leaving because NoScript.

Post by eldorel » 2018-05-12, 13:08

Just want to toss my two cents in as well, just in case Admin or Moonchild bother to actually read any of these before locking the threads.

I am uninstalling Palemoon as well.
I am not doing it because noscript was added to a blocklist, but because of how you've chosen to react to the criticism and feedback from the community.

In my opinion, your comment that "Everything has been answered already." is incorrect, as the single most asked question has been left unanswered.
That question: "How do I prevent the popup from coming back."

Either through a bug, or some unplanned step I have seen this warning 3 times in the last ~12 hours.
This is unacceptable, and the only 'solution' suggested by anyone was to disable the blacklist completely.

This dialog also attempts to actively disable something that I (and many others) consider to be a vital security feature with VERY little input from the user, as well as forcing the browser to restart.

Yes, disabling the addon is the "recommended action", but I would argue that the options on the dialog should be "thank you" and "ask me later" with a checkbox for "I know what I'm doing, disable this".

The current dialog is not a "Do you want to make changes" dialog, this is a notice that "we've made changes", and it requires a separate user action to prevent the changes.

Combined with the apparently unintended repeat activation, the combination is what I would consider a large problem.



Instead of asking the community for feedback about something that people obviously feel VERY strongly about, you have chosen to censor and lock the threads of those you feel are being unreasonable.
You have also been doing this with comments that could easily be interpreted negatively.

I would like to remind you that this community is made up of people who ALREADY SWITCHED BROWSERS because the disagree with some design choice of the firefox team.
Again: Avoiding the "My way or the highway" dev choices of other browser teams is one of the MAJOR driving forces that bring users to palemoon in the first place.

This combination of results and reaction has undermined my trust in the developer.
So thank you for several years of stability, maybe I will try palemoon again in the future.

For now, farewell.

eldorel
Newbie
Newbie
Posts: 6
Joined: 2018-05-12, 12:33

Re: Why is my topic closed??

Post by eldorel » 2018-05-12, 13:21

sponge_bob_128 wrote:I had a post deleted (not just locked) that merely noted that you could mistakenly think that the NoScript Warning Popup was never ending if you had multiple profiles and got confused (there were other guys who posted that it kept popping up). So basically, if you see it again you are in another profile (another account(sandbox)/Machine/Virtual Machine/VNC,etc). This confusion may have "triggered" some people because an incessant popup would be very bad. Now my post may have been too esoteric (applies to nobody but me)....
I have only one profile, and have seen this four times so far. Once last night, once after I restarted my pc this morning (and clicked the restart later option that disabled the addon), again after I reenabled noscript and restarted the browser again, and just a moment ago when I opened private browsing session.

So, something appears to not be working as designed.

So far the only suggested option to disable the popup completely has been to completely disable the blacklist, and I'm not comfortable with that since Moonchild clearly stated that the about:config option to disable the addon blacklist also controls a bunch of other security features.

(Also, moonchild's statement about all the features controlled by "extensions.blocklist.enabled" makes me uncomfortable. Even about:config options should be clearly labeled. Bundling other unrelated features into a single toggle is usually a sign of other issues with the codebase. )

So for now, I'm looking for another stable and secure-able browser option... again.

User avatar
satrow
Forum staff
Forum staff
Posts: 1799
Joined: 2011-09-08, 11:27

Re: I'm overreacting and leaving because NoScript.

Post by satrow » 2018-05-12, 13:50

Instead of throwing your toys out of the pram, how about switching from critic/feedback mode into supplying enough detail to enable replication of these issues?

rlcoone
Moongazer
Moongazer
Posts: 10
Joined: 2017-10-04, 21:32

Re: I'm overreacting and leaving because NoScript.

Post by rlcoone » 2018-05-12, 14:00

satrow wrote:Instead of throwing your toys out of the pram, how about switching from critic/feedback mode into supplying enough detail to enable replication of these issues?
He tried that and the thread was closed in the middle of people trying to help him. Open that one back up and let them finish troubleshooting.

eldorel
Newbie
Newbie
Posts: 6
Joined: 2018-05-12, 12:33

Re: I'm overreacting and leaving because NoScript.

Post by eldorel » 2018-05-12, 14:02

satrow wrote:Instead of throwing your toys out of the pram, how about switching from critic/feedback mode into supplying enough detail to enable replication of these issues?
Frankly, because I'm at work trying to do what I am paid to do, and this issue was interfering with that.

If I have time after work, I might take the time to open a support ticket and explain what I'm seeing in detail, but I don't have time nor patience to argue with another programmer team about something they may or may not consider worth addressing.

Thanks to the the dev/admin team's other responses in these threads, I would not be surprised for a bug report to be responded to with "the fix for the repeat popup is to disable the addon, we aren't providing any support until you do so".
( which is honestly harsh of me, but is based on past experiences with other project developers. )

User avatar
satrow
Forum staff
Forum staff
Posts: 1799
Joined: 2011-09-08, 11:27

Re: I'm overreacting and leaving because NoScript.

Post by satrow » 2018-05-12, 14:04

rlcoone wrote:
satrow wrote:Instead of throwing your toys out of the pram, how about switching from critic/feedback mode into supplying enough detail to enable replication of these issues?
He tried that and the thread was closed in the middle of people trying to help him. Open that one back up and let them finish troubleshooting.
'He' only has 3 Posts here, you're saying he has multiple accounts here, or are you perhaps confusing him with someone else?
Last edited by satrow on 2018-05-12, 14:05, edited 1 time in total.

Post Reply