NotScripts (NoScript for Chrome/Chromium Browsers)

M

Miscommunication

Gawd
Joined
Jul 5, 2007
Messages
631
I know it's been a while since I've logged in, let alone posted, but I'm back lol!

Anyway, I came across perhaps THE extension many Chrome users (SRWare Iron, Chromium, etc.) have been waiting for (and others who are on the FF/Chrome fence).


NotScripts

From the developer's chrome-extensions page:
NotScripts gives you a high degree of "NoScript" like control over what javascript, iframes, and plugins runs in your browser to increase security and lower the CPU usage. It is useful to help mitigate some attacks like certain cross-site scripting (XSS) vulnerabilities and drive by downloads by blocking the third-party content before it even runs with it's default deny policy.

You can whitelist the sites you want through an easy to use url bar icon and drop down menu.

NotScripts uses a unique and novel method to provide this "NoScript" like functionality in Google Chrome that was not previously possible. It introduces a break through technique of intelligent HTML5 storage caching to over come the limitations in Google Chrome that prevented an extension like this from being made before. NotScripts blocks third-party content BEFORE they load and it does this while also having a whitelist. This is one of the key extensions that many people have been waiting for since Google Chrome came out.
Click to expand...

Having been using it myself for some time now, I must say that is works exactly as advertised and greatly speeds up my web browsing to boot (I use SRWare Iron - 7.0.520.1 instead of Chrome). The only tiny caveat is the protection of the white-list, which is protected by a 20-100 character-required password in a javascript profile file.


From the developer's project website:
A NotScripts password is required to be set for the initial use on a computer or if NotScripts was updated. The password is used to protect your privacy by preventing web sites from viewing the NotScripts whitelist caches. Due to technical limitations, you are required to open a file to set the password.

NotScripts caches some settings in the HTML5 local and session storage for each site visited to enable the blocking to work. These settings are the whitelist of sites that you allow scripts/iframes/plugins to run on. However, the HTML5 storage is also accessible by the sites you visit because it was originally meant for them to use for caching. To overcome this privacy issue, NotScripts encrypts the settings with AES-128 using the Standford Javascript Crypto Library to prevent access.
Click to expand...

Basically, in Chrome/Chromium you must have the cookie settings at the recommended option (allowed storing of local data). Of course, you can still have third-party cookies set to never be allowed.


Due to some of Chrome's/Chromium's apparent API limitations, there are a few limitations to its effectiveness:

&#8226; Blocking deprecated "<APPLET></APPLET>" elements (not often used today, besides most users probably don't use and don't need to use Java)
&#8226; Inline scripts (to an extent)

&#8226; Caching reloads (not really a big deal)
When visiting a site, if there's anything you need to allow or block, the site will be reloaded for the change(s) to go into effect. This is as easy as allowing or blocking whatever script or source you desire on the dialog-menu and then clicking somewhere on the page. Global filters (blocked scripts or sources) can also be applied.

It's not as full-featured as NoScript (yet) and probably provides about 90-95% of script and source-blocking comparatively, but it's a great start IMO. Although for example, regarding Flash LSO's, I use a home-made script that deletes such files every 5 min. on my rig anyway.

Chime in with what yall think!
 
Last edited:
Miscommunication said:
I know it's been a while since I've logged in, let alone posted, but I'm back lol!

Anyway, I came across perhaps THE extension many Chrome users (SRWare Iron, Chromium, etc.) have been waiting for (and others who are on the FF/Chrome fence).


NotScripts

From the developer's chrome-extensions page:


Having been using it myself for some time now, I must say that is works exactly as advertised and greatly speeds up my web browsing to boot (I use SRWare Iron - 7.0.520.1 instead of Chrome). The only tiny caveat is the protection of the white-list, which is protected by a 20-100 character-required password in a javascript profile file.


From the developer's project website:


Basically, in Chrome/Chromium you must have the cookie settings at the recommended option (allowed storing of local data). Of course, you can still have third-party cookies set to never be allowed.


Due to some of Chrome's/Chromium's apparent API limitations, there are a few limitations to its effectiveness:

• Blocking deprecated "<APPLET></APPLET>" elements (not often used today, besides most users probably don't use and don't need to use Java)
• Inline scripts (to an extent)

• Caching reloads (not really a big deal)
When visiting a site, if there's anything you need to allow or block, the site will be reloaded for the change(s) to go into effect. This is as easy as allowing or blocking whatever script or source you desire on the dialog-menu and then clicking somewhere on the page. Global filters (blocked scripts or sources) can also be applied.

It's not as full-featured as NoScript (yet) and probably provides about 90-95% of script and source-blocking comparatively, but it's a great start IMO. Although for example, regarding Flash LSO's, I use a home-made script that deletes such files every 5 min. on my rig anyway.

Chime in with what yall think!
Click to expand...

I had Noscript running with FFox, but it got to be such a pain in the tuchus with loss of important functionality that I had to turn it off. Is this program more "intelligent" than Noscript?

I'm interested in your script for deleting Flash cookies. Can you post it? thx.:)
 
I used this to bypass warnings from the [H] and it works well! The only main annoyance is that since it blocks scripts from running, and if you forget to turn it off (like I did); websites wont function properly.
 
You must log in or register to reply here.
Back
Top