Why you should use NoScript
July 2017
Sun Mon Tue Wed Thu Fri Sat
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          
About
This site is an effort to share some of the base knowledge I have gathered through all this years working with Linux, FreeBSD, OpenBSD, Python or Zope, among others. So, take a look around and I hope you will find the contents useful.
Recent Entries
Recent Comments
Recent Trackbacks
Categories
OpenBSD (9 items)
BSD (0 items)
FreeBSD (19 items)
Linux (3 items)
Security (3 items)
Python (22 items)
Zope (13 items)
Daily (144 items)
e-shell (9 items)
Hacks (14 items)
PostgreSQL (3 items)
OSX (8 items)
Nintendo DS (0 items)
enlightenment (0 items)
Apache (3 items)
Nintendo Wii (1 items)
Django (24 items)
Music (12 items)
Plone (7 items)
Varnish (0 items)
Lugo (2 items)
Sendmail (0 items)
europython (7 items)
Cherokee (1 items)
self (1 items)
Nature (1 items)
Hiking (0 items)
uwsgi (0 items)
nginx (0 items)
cycling (9 items)
Networking (1 items)
DNS (0 items)
Archives

Syndicate this site (XML)

RSS/RDF 0.91

05 abril
2016

Why you should use NoScript

javascript is too powerful and buggy, and the internet is wilder than ever

http://e-shell.org/img/noscript.png

NoScript is an extension for the Firefox web browser that, among tons of other things, prevents Javascript code from being executed in the browser when you load a page.

Sounds simple, right? Well, NoScript has a lot more features and options, feel free to install it and take a look at its documentation and features, it is really worth it.

But here I want to focus on that hability, to prevent javascript code from being executed in your browser. This can be a bit annoying at first, specially nowadays when every website or webapp is using tons of javascript code for the most simple things, from displaying nice gallery carousels to modify the behaviour of clicks you do on links or buttons, passing by performing additional load of contents from third-party sources. If you don't believe me, just try to load a website like the Washington Post not letting your browser to load any javascript from that domain. You won't see the pictures, for example.

In some other websites the experience is even worse, all you get is message asking you to enable javascript if you want to get the contents; or even worse, a blank page without any contents or indications of why the contents are not there.

That's why many people ask me why - "Why do you have this blocker, which makes websites unusable?" - they ask. Even if I can allow (permanently or temporary) those javascript codes to be executed, people usually find this very annoying.

Well, the answer is for security reasons. Exactly as when I do a network firewall setup, I prefer to go with a block by default, then allow what is needed policy in my browser. I think this is a very good idea, specially if you take in account things like this bugs here:

https://bugs.chromium.org/p/project-zero/issues/detail?id=773

https://bugs.chromium.org/p/project-zero/issues/detail?id=693

If you look a bit further down Internet Lane you will find a lot more examples of bugs that can be exploited by simple Javascript code that is automatically executed in your browser when you load a website, so be careful when surfing through the Interwebz!

Posted by wu at 08:33 | Comments (0) | Trackbacks (0)
<< 2015 - A year in cycling pictures | Main | Moving through the big city >>
Comments
There are no comments.
Trackbacks
Please send trackback to:http://blog.e-shell.org/318/tbping
There are no trackbacks.
Post a comment