Develop an extension like NotScript

I would like to see Comodo develop an extension like NotScripts. This is very similar to NoScript in Firefox.

The major difference is I would like to see a whitelist of scripts that can be trusted.

What do you guys think?

Both a white list and a black list;

but Yes! I would like this feature…
and of course a community submission

Jake

Well, with an extension like this all scripts would be blocked by default. So would you like the blacklist to just warn the user whether they should not allow a script because it’s suspected to be dangerous?

Perhaps. So you would like this to be incorporated into the SiteInspector toolbar?

This is the main reason I don’t like NoScript. Blocking them all by default is a bit of a kneejerk reaction because the majority of the scripts out there are completely harmless. I’m talking about the locally hosted scripts. (Navigation, etc…) Unless you regularly visit questionable sites, you are only very rarely at risk from locally hosted scripts as they are under direct control of the site owner.

The big security risks are the externally hosted, or third party scripts that the site owner has no control over.

I much prefer the concept of using AdBlock Plus to block all third party scripts, and whitelist if there is some functionality that requires third party scripts. Such as YouTube videos served from CDN servers.

This way you’re protected from the real risks, yet most of the internet runs as intended.

I must say this has to be the third time i mis-read a topic lol

I am with HeffeD,
I dont use noscript i use ABP.
but than again, they develop something like Noscript, but block harmful scripts…

So again its pointless to create a database full of blacklisted websites because their created almost every minute literally. So I would have to say, detect a certain harmful action and block against that.

Jake

So perhaps an extension that automatically blocks known harmful scripts, allows known safe no matter what, and blocks all unknown third party scripts but allows scripts that are not externally hosted.

Do you think that would be useful in general?

Yes, I think such a thing would be very useful.

i vote for this with the “if not on white list then deny approach” unless the user manually allows or temporarily allows.

i would love for my mom to be able to use something like this but without having to interact every time like noscript. i’m leaving the state soon and want my mom protected as best as possible when i leave and this would help

also needs click jacking protection like noscript. idk if notscript has that