WebExtension is a big change, so former NoScript is dead and NoScript 10 is just a new extension.
Hopefully the developer will probably recover some advanced features of the XUL version, but it will take time we must be patient.

As today, there is no alternative on Firefox 57.
It seems that developer of the excellent ScriipSafe on Chrome Webstore doesn't want to port it on Firefox.
He could have done this for Microsoft Edge since a long time, and nothing has been done.

And surfing without a script controller is I M P O S S I B L E
.
I just don't understand why Mozilla team has not developed a basic embedded javascript manager as it was in the very good former Opera 16 (presto engine), so it could have let all the time to the third party developers to create a more advanced extension.

This is not acceptable, THIS IS A VERY BIG FAULT from Mozilla.

The main issue I could address now to the developer is :

1) no possibility to grant authorization to a full domain (this is a big difference with ScripSafe which lets the choice to the user)

Example : I want to authorize domain and all subdomain of the CDN provider Akamai, This si possible with scripsafe by using the "trust" option instead of "allow", it is not possible here

I want to authorize all Akamai because due to load balancing process the CDN server may change a lot, and so you still need to allow various subdomain. Maybe the developer could implement very quickly a joker system allowing to enter domains like :

*.akamai.net
*.hd.akamai.net

In first case we allow every subdomain of akamai.net
In the second case we limit to every subdomain of hd.akamai.net

2) No synchornization option

Ideally, NoScript should store the users data in cloud through the Firefox account as ScripSafe does in the Google Account.
But maybe it is not possible according to the Firefox account policy, so the workaround should be to be able to synchronize data to/from a local path on the computer.

One just have to create this path in a OneDrive or Google Drive synchronized directory...and this should be done.
I have several computer, each computer has several users session, this is just annoying to set up NosSript for each repeating always the same process. And when I set up a new computer, I must restart from the beginning.

With ScripSafe, this is very easy... the extension automatically download and upload to Google Accounts (one must activate such option).

If ScripSafe is ever ported to Firefox with the same functionalities, I drop NoScript

3) Slow GUI
As today, the NoScript GUI is I N C R E D I B L Y slow.
As a comparison ScripSafe is incredibly fast to display the distant hosts list

But this version is a kind of quick done dirty version, let's be patient, this will be probably fixed in the future, but developer must know that the situation is as today not acceptable. I also suspect that NoScript 10 slows down the browser

4) Inefficient filtering mechanism

In the former XUL extension, the filtering engine of NoScript was crappy as it was oftenly forgetting a lot of distant host.
So one needed sometimes to switch to "allow all scripts" to see these hosts, and go back to "forbide all scripts", and so we could set rules for theses invisible hosts.

As compared, ScripSafe was far better as there was not such issues.
Finally.... XUL NoScript is dead and this is a very good thing because the filtering engine of NoScript was outdated and the author didn't want to admit that.

Let's see now if this brand new Web Extension addresses such issues, I can't say at this moment.

Best stuff you can have on Firefox. Can image browsing web without it. Thanks thousand times for it and keep up amazing work.

First of all thank you for all the effort you put into the new Quantum-enabled version of NoScript. I can imagine, it took a lot of time to rewrite this extension, which had been developed for years, completely from scratch.

It is noticable that the new version has been written in a big hurry. The UI is not fully developed and looks like it was made for newbies than for experienced computer users. I know, the UI cannot be changed back. We all will have to accept that XUL is gone. I don't think, the new UI is bad in general. It is just not finished yet.

Sadly, some very important features are still missing. For me personally, giving temporary permissions to a website is a must-have feature. I think this is such a key component that I wonder why it has not been implemented yet. How am I supposed to test a website? Giving it permanent permissions and later revoking them again is not a very effective way.

There are still a lot of things to be done. However, I think a huge step was made already. The basic functionality is now implemented as a WebExtension with more functionality to follow. Keep up the good work. I am sure, the comments and ratings of NoScript will become better soon.

"To all the people complaining about the new UI (not that I expect any of them to see this): Giorgio can't revert back to the old UI because that kind of UI is no longer supported on Firefox 57 and above. Nice things like native drop-down menus and dialog boxes are no longer allowed. Those were part of XUL addons. Now we only have WebExtensions add-ons à la Chrome, and if you know Chrome, you know that its add-on interface situation is the same. "Nice" UIs have been prohibited by Mozilla, on purpose, so your gripe is with them, not with Giorgio, the developer of this add-on.

I do agree that the UI could use some work anyway, though, in terms of understandability, ease of use, and looks. But this is still an early version which had to be released in a rush, so give it a while.

I'll still deduct one star from my previous rating because too much comfort functionality is missing at the moment. Temporary exceptions, selective and site-wide, were one of my most-used features of NoScript, and they're not in yet. Also, the options screen is severely lacking, a lot of the behaviour I used to customise can't be changed right now. I assume that all of these things are still possible, and just haven't been implemented yet. Part of that blame, once again, can be put on Mozilla for their hasty and clumsy shutdown of XUL extensions and the rushed und grossly unfinished transition to WebExtensions, which is making life hard for all add-on developers."

Word.

The previous version was perfectly fine........... Now you broke it with your latest update. No temporary permissions like the previous version.... Disabled until you fix it.

Update: I did not know that Firefox made a update causing Noscript to not work causing the dev to make a quick patch which lacked a lot of things that we liked. I'm adding back some stars for effort to push out a add-on so quickly after an update. Refinements are needed as the current add-on does not work as before. But I'm still going to disable it for the time being as its too confusing to use. Will check back daily to see if a new update is available and then update it accordingly.

10.1.2 update: I take it back..... In a mere 4 days you managed to almost rewrite a new add-on with the same use as v5... Well done man... Well done.

Hey.

You realize that you also interfere with content scripts of other web extensions?

On Chrome and Opera, xmlhttp requests can be sent from background pages. On Firefox quantum, this is disallowed by same origin policy (it was allowed before). So the only way to make http requests is to use content scripts. This, however, does not work with no script on!

I don't think this is good behavior. Content scripts from other webextensions are privileged by definition, so NoScript should not disallow them!

This is for all the haters. Firefox Extensions is now using WebExtensions FORCING extension developers to conform to new APIs and new UI. Get educated: https://blog.mozilla.org/addons/2017/09/28/webextensions-in-firefox-57/

Giorgio, GREAT job getting this no-script update out and with some great new UI that is clear and usable. It's a great first start, and I'm happy to have the extension back!

I do understand that it is maybe time to overthink the UI at this stage.
But I think a little more time would have done good before releasing now.
Unless you maybe released an old testversion?

Because right now noscript really is unusable.

But thumps up for good work overall.

great to have NoScript back with Quantum

I hate that Firefox 57 has completely gutted what addon developers are allowed to do. Reading a few homepages of my favorite addons is a sad state of affairs. Couple developers gave up and left to do other things due to firefox deciding to close the doors and use this quantum e10 crap as excuse to close doors to developers making addons that we could use to do whatever we wished.

we had a rating system so we self policed the bad addons as it was. But Mozilla is destroying firefox

now im reading in future they want to monetize addons and charge money for addons using the firefox web store to buy extensions and buy themes.

wtf they think they are apple now?
The old UI worked. It was intuitive. I hate being forced to a seperate tab to control anything. Stop opening tabs!!!! give me a hover based UI.

Ok. Good enough.
Sites presentation is clearer and more readable now.
Missing the temporary options and allowing all.

lo mejor que se puede tener para navegar con seguridad para firefox, llevo usandolo mas de 2 años y sin ningun problema.

As always great web extension. Issue is I am android FF 57 mobile browser and XSS won't keep itself checked. Once I leave the browser and come back it is unchecked again. With the old NS that and the other security settings like anti click jacking etc... stayed checked. Other than that I am getting use to this new look and settings. Thanks.

The new design for granting / declining permissions for a script is a bit clumsy.

Ergonomically it's so bad I don't even want to use it. Can't disable it for specific site, can't open expandable menu to manage the scripts. Big step back.

New UI is a bit clunky, but I want to thank you for continued development in the wake of the WebExtension fiasco.
It's missing individual script blocking though, which is kind of a bummer. I hope there is a way around it that you can implement for the future.

Safe again! Felt naked & vulnerable without NoScript for the last few days...

Like the new drop down functionality. It's easier to use than before and the ability to change multiple settings without a reload between each one, along with the ability to reload the page manually without losing the menu, is great. On the downside, the font colours and icons need an 'art pass' or two. Also, the 'allow this time only' option was extremely useful and it's re-appearance would be welcomed with open arms...

As somone who takes online privacy & security seriously, NoScript is one of the most useful pieces of software ever, in the history of everything... ;-)

EDIT : Worked out how to temporarily allow a script, with the little 'clock' icon. Nice!

this is for the new version only. TBH, I do prefer the old UI, but this is so much better than nothing! It did take me some time to understand what's going on, but I'm OK now.
The only thing that I don't like - for some reason on some pages all the scripts were forbidden (gmail), and on others - all were permitted (some weather forecast sites). There's no rhyme or reason for that.

was THE BEST, for years and years

the new version for new FF is way way way way less user friendly, and almost not worth the effort :(


edit: actually it's completely worthless now gonna remove

Where is the option for Temporarily Allow All or Temporarily Allow individual scripts? This version is impossible to use. I used temporary permissions all the time because so many sites have many scripts.

The UI is awful and not at all intuitive. There is a page I'm trying to enable right now but I don't know how to. No matter what scripts I enable or disable it's not loading like it used to, where before I could just temporarily allow scripts and everything would be fine. I'm clicking every single script shown in that long list, locking and unlocking each one and reloading, and it's not working.

(And what's up with unlock being red and lock being green? The UI is not user friendly)

I think i have to disable this until it's improved. I want to be happy it's back but it's unusable.