Every once in a while I need to enable a CDN or an auxiliary site to the main one, e.g. ssl-images-amazon.com, but overall, it’s quite manageable these days. I feel that Noscript takes an utterly hopeless situation and takes back quite a bit of control. I wholeheartedly recommend that everyone who uses a web browser use it.
I wish that could be the end of the post.
Unfortunately, I recently noticed something unnerving and I tested it
conclusively today with version
18.104.22.168. When I install the
extension I find that it creates this file (yours may be slightly
This is actually a zip file (bloody
hell). Inside the archive I find the file
contains this configuration setting (breaks added for readability).
pref("noscript.default", "about:blank about:pocket-signup about:pocket-saved addons.mozilla.org persona.org mozilla.net google.com gstatic.com ajax.googleapis.com maps.googleapis.com paypal.com paypalobjects.com securecode.com securesuite.net firstdata.com firstdata.lv yahoo.com yimg.com yahooapis.com youtube.com ytimg.com googlevideo.com netflix.com nflxext.com nflximg.com nflxvideo.net noscript.net hotmail.com passport.com passport.net passportimages.com live.com live.net outlook.com afx.ms gfx.ms sfx.ms wlxrs.com ajax.aspnetcdn.com bootstrapcdn.com code.jquery.com yandex.st tinymce.cachefly.net");
What the hell is all that? To find out you can click on the Noscript
Options and then select the
Whitelist tab. A new
What a rotten sneaky trick. I’m pretty disappointed about that.
Fortunately, it’s easy to clear those out. It’s just sad that even
this extremely high quality tool designed to empower your authority
and control over your browser is simultaneously designed to sell you
out to Bank of America’s Latvia division or whatever that is.
Still, don’t forget — sad as that is, I wholeheartedly recommend everyone who uses a graphical browser install Noscript. The web is that bad.