Free Software Foundation!

Join now

Difference between revisions of "NoScript"

From Free Software Directory
Jump to: navigation,
(Created page with "{{Entry |Name=NoScript |Short description=Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks. |Full description= ...")
 
m (typo)
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
{{Entry
 
{{Entry
 
|Name=NoScript
 
|Name=NoScript
|Short description=Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks.
+
|Short description=Only enable JavaScript for sites you trust.
|Full description= The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank).
+
|Full description=The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other Mozilla-based browsers.  Its aim is to allow active content to run only from sites you trust, and protect yourself against XSS and Click-jacking attacks. It is also useful to prevent Flash running on the browser.  
  
NoScript also provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a browser.
+
But its main advantage could be the alerts given on its interface. There is an increasing number of Web sites that cannot run without non-free JavaScript programs downloaded and executed on the visitor's computer. Richard Stallman first raised this another concern with his article [https://www.gnu.org/philosophy/javascript-trap.html The JavaScript Trap], pointing out that most JavaScript programs are not freely licensed, and that even free software Web browsers are usually configured to download and run these non-free programs without informing the user.  So maybe NoScript could encourage people to keep informed about this related issue and [https://www.fsf.org/campaigns/freejs take action].
  
NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...  
+
Anyway, NoScript is an extremely valuable Firefox extension for security. Its unique white-list based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...
 
|Homepage URL=http://noscript.net/
 
|Homepage URL=http://noscript.net/
 
|User level=intermediate
 
|User level=intermediate
|Extension of=Firefox
+
|Extension of=Firefox,Gnuzilla IceCat
 +
|Documentation note=Install NoScript and enable ‘Forbid scripts globally’ to improve the security of your browser by preventing 0day JavaScript attacks. This is a drastic option as it will render many websites unusable as they rely heavily on JavaScript. NoScript offers a whitelist you can use to selectively enable JavaScript for sites you trust, but this is considered [https://www.torproject.org/docs/faq.html.en#TBBCanIBlockJS especially bad for your anonymity] if you're using NoScript with Tor.
 +
|Related projects=LibreJS
 +
|Version identifier=2.6.8
 +
|Version status=stable
 +
|Version download=https://secure.informaction.com/download/releases/noscript-2.6.8.xpi
 +
|Last review by=enyst
 +
|Last review date=2013/03/24
 
|Status=
 
|Status=
 
|Is GNU=No
 
|Is GNU=No
 
}}
 
}}
 
{{Project license
 
{{Project license
|License=GNU GPL v2
+
|License=GPLv2
 +
|License verified by=enyst
 +
|License verified date=2013/03/24
 +
}}
 +
{{Resource
 +
|Resource audience=Users
 +
|Resource kind=Forum
 +
|Resource URL=http://forums.informaction.com/viewforum.php?f=3
 +
}}
 +
{{Software category
 +
|Internet-application=privacy
 +
|Use=internet-application, security
 
}}
 
}}
{{Software category}}
 
 
{{Featured}}
 
{{Featured}}

Latest revision as of 18:57, 20 September 2013

[edit]

NoScript

http://noscript.net/
The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other Mozilla-based browsers. Its aim is to allow active content to run only from sites you trust, and protect yourself against XSS and Click-jacking attacks. It is also useful to prevent Flash running on the browser.

But its main advantage could be the alerts given on its interface. There is an increasing number of Web sites that cannot run without non-free JavaScript programs downloaded and executed on the visitor's computer. Richard Stallman first raised this another concern with his article The JavaScript Trap, pointing out that most JavaScript programs are not freely licensed, and that even free software Web browsers are usually configured to download and run these non-free programs without informing the user. So maybe NoScript could encourage people to keep informed about this related issue and take action.

Anyway, NoScript is an extremely valuable Firefox extension for security. Its unique white-list based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...

Documentation

Install NoScript and enable ‘Forbid scripts globally’ to improve the security of your browser by preventing 0day JavaScript attacks. This is a drastic option as it will render many websites unusable as they rely heavily on JavaScript. NoScript offers a whitelist you can use to selectively enable JavaScript for sites you trust, but this is considered especially bad for your anonymity if you're using NoScript with Tor.

Related Projects

Extension or Plugin

This package can be used as an extension, plugin, or add-on to:



This package is listed in the following Collections:


Licensing

LicenseVerified byVerified onNotes
GPLv2enyst24 March 2013



Leaders and contributors

Resources and communication

Audience Resource type URI
Users Forum http://forums.informaction.com/viewforum.php?f=3


Software prerequisites

This entry (in part or in whole) was last reviewed on 24 March 2013.



Entry

















Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.


Personal tools
Namespaces

Variants
Actions
Navigation
Contribute