Seems like you are using this add-on:
https://addons.mozilla.org/en-US/firefo ... -uri-leak/
But you don't need that one to stop BL/ff ... NoScript will do the same
go to about:config
Yes you are right, I am using that add-on. I do have one questions about your instructions on Noscript.
When I add the bottom two to noscript.untrusted, is there a particular place those two need to be?
Like, does it matter where they are inserted? I am assuming there needs to be a space in front and in back?
Thanks for your great post. I did quit using the user string agent as it was causing to many problems and
Even when I was just using FF and PM strings the versions were to old. So I ditched that one.
I made a mistake in my original post, resource:
should be resource://
(notice the double slashes added)
Yeah, just add a space in between, if you already have a bunch of websites etc added to your noscript.untrusted
, it probably looks something like....
Code: Select all
.........www.idonttrustthisshiteweb.com http://www.anothershillweb.com resource:// resource://gre
and it doesn't matter in which order you put it, I just added the goodies in the end of that string.
But I ought to add a disclaimer here, my experiences is mainly with Firefox, Palemoon though is still quite a new experience for me.
Secondly, adding resource:// to the untrusted list may still break with some add-on's, as I discovered with FreeMemory2
https://addons.mozilla.org/en-US/firefo ... -memory-20
I had to add an additional path under about:config called capability.policy.maonoscript.sites
By adding resource://freememory2
(actually I think, more exactly it was resource://freememory2/data
, don't remember now) will add an exclusice bypass for freememroy2 addon overriding the untrusted setting.
This might make things a bit fiddly with some add-on's, but so far I haven't noticed many glithches at all with the few add-on's I am using.
BTW, here's some more bonus stuff from maiko-the-apprentice-jap-babe, I don't know if it adds some additional protection, but you could try out adding some more exotic fun stuff to the noscript.untrusted
list, such as blob: chrome: irc: ircs: mediasource: mediastream: /favicon.ico
and manymanymany... more goodies, this is pretty new stuff as I haven't seen anyone else covering this and I too have only started scratching the surface, but considering all the nice "features" Firefox is flaunting with in the open cyberspace these might need some sweet love and care...
And don't forget to remove the equal preferences under noscript.mandatory
when adding them to noscript.untrusted
By the way, welcome to the PM forum.
Thanks a lot!