Recent searches

No recent searches

Search options

Only available when logged in.
mastodon.ie is one of the many independent Mastodon servers you can use to participate in the fediverse.
Irish Mastodon - run from Ireland, we welcome all who respect the community rules and members.

Administered by:

Server stats:

1.6K
active users

mastodon.ie: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.4.2

#noscript

0 posts0 participants0 posts today
*
Kevin Karhan :verified:

Nobody: "How much bullshit can we shove into our website?"

#deel: YES!

And that's just the crap that #uBlockOrigin and #NoScript caught:

deel.com
api.deel.com
app.deel.com
amazonaws.com
a569f72b706584c51b5f33f0e47ccd30-e12968bbf00b014c.elb.eu-west-1.amazonaws.com
wiki.deel.network
braze.com
sdk.iad-06.braze.com
cal.com
app.cal.com
calendly.com
assets.calendly.com
chilipiper.com
js.chilipiper.com
com.cdn.cloudflare.net
api.deel.com.cdn.cloudflare.net
api.deel.com
d20qeu5vw8i5t2.cloudfront.net
cdn.zapier.com
d3kz3mviooatoq.cloudfront.net
avatars.slack-edge.com
deel.network
wiki.deel.network
deel.tools
openreplay-new.deel.tools
google.com
apis.google.com
www.google.com
googletagmanager.com
www.googletagmanager.com
gstatic.com
fonts.gstatic.com
www.gstatic.com
k8s-openrepl-awsalbin-ed4c403a34-602701419.eu-west-1.elb.amazonaws.com
openreplay-new.deel.tools
letsdeel.com
media.letsdeel.com
s3.amazonaws.com
sammylabs.com
api.sammylabs.com
sentry.io
o265775.ingest.sentry.io
slack-edge.com
avatars.slack-edge.com
stripe.com
js.stripe.com
m.stripe.com
q.stripe.com
stripe.network
m.stripe.network
stripecdn.map.fastly.net
m.stripe.network
zapier.com
cdn.zapier.com
 …deel.com
…braze.com
…cal.com
…calendly.com
…chilipiper.com
…deel.network
…deel.tools
…google.com
…googletagmanager.com
…gstatic.com
…s3.amazonaws.com
…sammylabs.com
…stripe.com
…stripe.network
…zapier.com

Seriously, I get that not everyone is able to do #accessible and #performant #forms and #Websites and that #JavaScript is trendy and hip.

  • But this seriously isn't funny anymore, but insulting!
#Enshittification#Bloatware#WebDev
davecykl

Yuk, just discovered #Firefox has recently(?) added some sort of “AI Chatbot” garbage into its sidebar 🤮

Only even noticed it due to some odd “(sidebar?)” notes for various sites in the #NoScript UI (issue already logged by sbdy else + apparently fixed, so hopefully trickles down soon), which made me open the sidebar to look.

Bah, I really hate the constant churn of Ubuntu’s non-ESR Firefox almost as much as I hate the corpus regurgitators. Right, how do I disable this garbage entirely?

daltux
Isso mesmo! Há outras opções de interfaces alternativas para buscadores específicos, mas SearXNG, atualmente, parece ser o mais completo metabuscador — que consegue apresentar resultados de muitos serviços e que, além de já ter inúmeras instâncias abertas, pode ainda ser auto-hospedado para maior garantia de liberdades e controle do usuário.

#SearXNG #pesquisa #AGPLv3 #Copyleft #SoftwareLivre #NoScript 😻

CC: @santi@go.lema.org
docs.searxng.orgWelcome to SearXNG — SearXNG Documentation (2025.7.16+62fac1c6a)
Replied in thread
*
Erik van Straten

@pascaline : sja, ik waarschuw hier al "iets" langer voor (2011, destijds met pseudoniem Bitwiper ivm toenmalige baan): security.nl/posting/287588.

Met Wireshark en/of NoScript (onder Firefox) kun je alle spoken zien die jou op websites omsingelen - die precies registreren wat jij allemaal doet, en dat koppelen aan welke andere websites jij bezoekt en wat je dáár doet (welke pagina's je opent, waar je op klikt, hoe lang je kijkt etc).

Met NoScript geef ik uitsluitend toestemming voor het downloaden en uitvoeren van Javascript vanaf allerlei websites als dat echt niet anders kan.

#NoScript#Firefox#JavaScript
Nosaj :boost_ok: :loading:

I like that lots of websites are using #Anubis now to counter scraping and (apparently) DDoS attacks as well.

Is there a way to setup #NoScript to always allow Anubis to run without also allowing the whole domain? I still want to manually confirm the domain approval but I am always ok with Anubis.

mytwobits01

Follow-up for anyone else running into the problem of #YouTube videos stopping after one minute:

The solution is to allow javascript for google.com. (You can tell #NoScript to allow it, reload the page, then disallow it again. That should permit the video to work while still blocking Google's javascript elsewhere.)

Replied in thread
Erik van Straten

@sjmulder : door verschillende browsers te gebruiken heb ik daar minder last van. Vooral Firefox met NoScript (meestal op mijn Android smartphone) geeft mij enorm veel rust. Soms kan ik pagina's met paywall geheel of grotendeels lezen (zie screenshot).

Je hebt wel een leercurve voor NoScript en Firefox heeft ook nadelen (zie bijv. infosec.exchange/@ErikvanStrat en de follow-up toot over NoScript).

Vaak werkt het als je de primaire partij toestemming geeft om JavaScript uit te voeren, maar derde partijen niet toestaat (waaronder 3rd parties met namen waar "cookiebot" in vóórkomt).

Firefox Focus ondersteunt geen NoScript, maar is het meest privacy-vriendelijk doordat alle geschiedenis gewist wordt bij het sluiten van de browser. Sowieso belangrijk, maar in deze browser helemaal (omdat HSTS niet werkt): zet "https only" aan. Dat betekent dat je *gewaarschuwd* wordt bij onveilige http-verbindingen, die je vervolgens wél kunt toestaan.

Wat ook helpt is als tooters geen "URL-verkorters" gebruiken, zodat je kunt zien naar welke website de link leidt.

Ten slotte probeer ik vaak het m.i. belangrijkste stuk te quoten, of een screenshot te plaatsen (zo mogelijk mét Alt tekst). Dan HOEVEN lezers niet op links te klikken/drukken.

#Firefox#NoScript#Paywall
TiTiNoNero :__:

Restyling completed!

https://77nn.it

Now the site works just fine even with #Javascript totally disabled. But if you expect to listen to my podcast using the built-in player (which is handwritten) this will not work. However I placed several <noscript> tags explaining here and there what is not expected to work without JS.

At least all the content is readable and also rendering works just fine even after stripping almost half of the original CSS.

#smallweb#staticweb#noscript
Jordan

- A reputable anonymizing VPN service
- Linux
- Firefox (or compatible) web browser
- HTTPS-Only Mode
- Noscript
- User-Agent Switcher

These are some easy things that will keep you safe in the age where you shouldn't trust *anything* your device connects to online.

#cybersecurity#vpn#linux
*
Erik van Straten

@ottermiemuis : het is natuurlijk niet netjes, maar met #Firefox + #NoScript (hier onder Android) kan ik trouw.nl/duurzaamheid-economie helemaal lezen - zonder abo.

Door op "Alt" in onderstaande screenshots te drukken zie je een toelichting (een uitgebreide bij NoScript).

NoScript is een donationware extensie (plug-in) voor Firefox (werkt niet onder iOS) met veel zorg gemaakt en onderhouden door Giorgio Maone (@ma1 ).

Die NoScript pagina krijg ik te zien als ik rechtsboven in Firefox op "⋮" druk en daarna op "Extensions" > "NoScript".

Ik gebruik die plugin overigens niet om kranten te kunnen lezen, maar in de eerste plaats om mijn security- en privacy-risico's te verkleinen (en om te zien hoe vreselijk eigenaren van websites mijn privacy aan hun laars lappen).

@sanderturnhout @Hadewych
@vlindervriendje

Replied in thread
*
daltux
Se permitem o comentário paralelo, não entendo por que, por exemplo, #Mastodon não poderia pelo menos exibir os textos das páginas em um <noscript>, para visitantes poderem ler as publicações públicas, inclusive em qualquer navegador, mesmo em máquinas mais simples, em modo texto. Surpreendi-me ao me deparar com isso quando instalei o #NoScript.

Parece que normalizamos simplesmente assumir que todos devem aceitar execução de código remoto na sua máquina sem discussão. 💭

CC: @cadusilva@bolha.one @lxo@snac.lx.oliva.nom.br @juliano@bahia.no
Replied in thread
daltux
Se nem o site deles, que já é uma arapuca, deixam usar na tornozeleira 📵 então, o aplicativo só pode ser "TRApp" dos brabos (conceito de @lxo@snac.lx.oliva.nom.br) e só nos resta fugir desse fornecedor mesmo!

É triste constatar que a gente só descobre essas coisas passando a usar a extensão #NoScript ou algo parecido, para desabilitar #JavaScript por padrão e poder escolher quais domínios e a partir de quais outros permitirá carregar e executar na sua máquina o código remoto. Dá bastante trabalho porque 99% da #Web atual lamentavelmente não se importa com o problema e parte considerável dela abusa desse poder. Porém, o esforço extra parece muito necessário para, no mínimo, termos a ciência desses possíveis abusos e quanto precisamos abrir mão de nossa privacidade, às vezes da segurança e muitas vezes da liberdade para conseguirmos usar a maioria dos sites.

CC: @juliano@bahia.no
www.fsfla.org::[FSFLA]:: A Armadilha dos TRApps: Serviços e Usuários TRAppturados em Apps Rodando em Teletelas
daltux
Não basta ter que aceitar executar #JavaScript privativo "simples": você mal consegue abrir a página sem tentarem rodar #WebGL na sua máquina sabe-se lá com que propósito? 🚫 Não, obrigado, vou tentar comprar o sacão de ração pros bichanos nos concorrentes que não chegam a tanto. 💸

Normalmente, é com WebGL que conseguem extrair dados infalíveis de identificação da sua máquina. No mínimo, deve ser essa a ideia, e o #Librewolf até consegue simular alguns dados para evitar a exposição, mas, assim, não dá pra confiar nesse site se já parte pra esse lado: como dizem mais ou menos assim (com eufemismo aqui), mal cumprimentou e já quer me levar pra cama? Nem os bancos que tenho usado são tão abusados! É :ciladaBino: !

#NoScript #Privacidade #InfoSec #Shopee
Replied in thread
Karl Voit :emacs: :orgmode:

@simondueckert Die Artikelserie von @kuketzblog half mir.

kuketz-blog.de/librewolf-daten
Ggf. auch: kuketz-blog.de/browser-welche-

Es wurde #LibreWolf. Mobil #Vanadium auf #GrapheneOS.

Ist auch vermutlich eine gute Wahl aus #privacy & #security-Perspektive.

Allerdings gibt's bei LibreWolf das Problem, dass fast alle Zeitangaben nur noch in #UTC dargestellt werden. Besonders lästig bei Chats, Version Control Systems, Kalender, ... im Browser. Könnte man auch disablen aber offenbar nur als größeres Paket von an sich sinnvollen Anti-Tracking-Maßnahmen.

Diverse Workarounds haben bei mir bislang nicht funktioniert.

Meine Lösung aktuell: für diese Seiten, wo mir Zeitangaben wichtig sind, habe ich #Firefox (mit diversen Privacy-add-ons).

Das Wichtigste ist ohnehin in jedem #Browser #NoScript.

HTH

www.kuketz-blog.deLibreWolf: Datensendeverhalten Desktop-Version – Browser-Check Teil8Aus Datenschutzperspektive hinterlässt LibreWolf einen ausgezeichneten Eindruck. Das Datensendeverhalten ist vorbildlich. Einziges Manko: Die fehlende Auto-Update-Funktion.
#PIM#Webbrowser
Replied in thread
R.L. Dane :Debian: :OpenBSD: 🍵 :MiraLovesYou:

@m0xee

Yeah, I used to use #NoScript like @sotolf does, but with some sites like banking and "professional" websites, it's a trip and half to get the site to work at all, then to work in non-Chrome browsers, then to work with uBo/PrivacyBadger/CanvasBlocker, then adding NoScript to all of that jazz would really send me loopy. XD

But I think it's totally valid to have a "general browsing" browser that's locked down like Fort Knox, and then a very vanilla one for "don't break on me, cheems!" work sites.

I dunno. :P

TrendingLive feeds
About