NoScript Security Suite のレビュー
NoScript Security Suite 作成者: Giorgio Maone
Firefox ユーザー 13551289 によるレビュー
5 段階中 2 の評価
Firefox ユーザー 13551289 によるレビュー (8年前)Ok, I just got the update and have to say I really hate the new version and am considering dumping it completely. There are a lot of reasons why.
Under the old version, when you visit a new website, it shows a popup saying that scripts are disabled and giving you a quick option to temporarily or permanently enable scripts for just that website. Under the new version, you don't even know if the scripts are blocked, and if the website is malfunctioning because it needs its scripts, or what.
Also, the new UI really sucks. Everything is all icons now and I don't have a clue what any of them do. Am I allowing scripts or blocking them? Am I permanently allowing them or just temporarily? You could at least give us the option to go back to the classic interface.
I've also noticed that for every single website I go to, I have to tell it not to allow XSS from that website to facebook.com. It's really annoying. There is no option to just say, don't allow XSS from anywhere to facebook.com. Under the old version, it only gave me an XSS warning for a certain few websites which I could then do an unsafe reload. Now it's like there's cross-scripts everywhere.
Ok so maybe a useful feature would be to allow for example facebook.com (seems to be the main offender here) when I'm ON facebook.com, but disable it when any other website tries to cross-script to it.
Anyway to sum it up, the new version nags me incessantly and isn't clear enough about what's going on for me to figure out how to allow the scripts I want and block the ones I don't. Please go back to the old version.
Under the old version, when you visit a new website, it shows a popup saying that scripts are disabled and giving you a quick option to temporarily or permanently enable scripts for just that website. Under the new version, you don't even know if the scripts are blocked, and if the website is malfunctioning because it needs its scripts, or what.
Also, the new UI really sucks. Everything is all icons now and I don't have a clue what any of them do. Am I allowing scripts or blocking them? Am I permanently allowing them or just temporarily? You could at least give us the option to go back to the classic interface.
I've also noticed that for every single website I go to, I have to tell it not to allow XSS from that website to facebook.com. It's really annoying. There is no option to just say, don't allow XSS from anywhere to facebook.com. Under the old version, it only gave me an XSS warning for a certain few websites which I could then do an unsafe reload. Now it's like there's cross-scripts everywhere.
Ok so maybe a useful feature would be to allow for example facebook.com (seems to be the main offender here) when I'm ON facebook.com, but disable it when any other website tries to cross-script to it.
Anyway to sum it up, the new version nags me incessantly and isn't clear enough about what's going on for me to figure out how to allow the scripts I want and block the ones I don't. Please go back to the old version.
開発者の返信
投稿日時: 8年前1) The UI shows you all the domains that are trying to run active content, just like before, but more compact. You can allow them individually (by assigning the TRUSTED preset), leave them not running (DEFAULT), blacklisting (UNTRUSTED) or even assign CUSTOM permissions. Not just that, but better than before if you can modify each preset on the fly and even see the minimum permissions needed for the site to work (they've got a pink background).
2) To assign the TRUSTED preset temporarily, you just click it once. To make it permanent, you click the clock icon and make it fade away (temporary->permanent).
3) The XSS filter now has a "Always block requests from a.com to b.com" option, that you can use exactly the way you say you want.
2) To assign the TRUSTED preset temporarily, you just click it once. To make it permanent, you click the clock icon and make it fade away (temporary->permanent).
3) The XSS filter now has a "Always block requests from a.com to b.com" option, that you can use exactly the way you say you want.
合計レビュー数: 2,417
- 5 段階中 5 の評価Firefox ユーザー 19664008 によるレビュー (9日前)
- 5 段階中 5 の評価Firefox ユーザー 19487299 によるレビュー (11日前)
- 5 段階中 5 の評価Ryan Steed によるレビュー (20日前)
- 5 段階中 5 の評価ZeroUnderscoreOu によるレビュー (1ヶ月前)
- It does a great job at blocking, but is regularly frustrating with re-enabling things. It's supposed to show you what it's blocking, but that's extremely hit-or-miss. Occasionally, there'd be something blocked where the only solution is to disable the extension. As in, right-click and disable *from Firefox itself.*
- 5 段階中 3 の評価zekromVale によるレビュー (2ヶ月前)There needs to be a CPU limit on this extension, using 30% CPU of an intel i7 11th gen laptop CPU on YouTube is ridiculous. Firefox for Ubuntu snap, flatpack, or just .deb are affected. Must disable NoScript to fix it or allow everything fully for all domains on the page. I would like more domains to be added to the global trusted list though (by default) or have a popup at the top when you first visit a page.
- 5 段階中 5 の評価Hopeavirta によるレビュー (2ヶ月前)
- 5 段階中 5 の評価Zelgadis-San によるレビュー (2ヶ月前)
- User for at least 15 years, Something is conflicting on Firefox. It is blocking scripts and other add ons such as tampermonkey or violentmonkey with scripts added, but without any listing of what is being blocked. Only option is to shut it off to proceed.
Even blocking games internal scripts without any 'monkey' in use.
Please check and test - 5 段階中 5 の評価Simon Bünemann によるレビュー (2ヶ月前)
- 5 段階中 2 の評価Firefox ユーザー 15990777 によるレビュー (3ヶ月前)
- 5 段階中 5 の評価Arman Daneshjoo によるレビュー (3ヶ月前)
- 5 段階中 5 の評価Firefox ユーザー 19469020 によるレビュー (4ヶ月前)
- 5 段階中 5 の評価Firefox ユーザー 14500718 によるレビュー (4ヶ月前)
- 5 段階中 5 の評価Firefox ユーザー 19459487 によるレビュー (4ヶ月前)I'm notified every time WebGL is blocked on each page load. There's no way to disable these notifications and it's very irritating.
Edit: updated to 5 stars as it can be disabled after all but the setting isn't described very clearly.開発者の返信
投稿日時: 4ヶ月前You should not get any notification. Just a little placeholder inside the page, to be able to enable it back. And you can disable it by unchecking "NoScript Options>Appearance>Show synthetic placeholders for invisible capability probes"