On 02/15/2017 03:02 PM, [email protected] wrote: > Gosh I have a headache, I'm sorry but have you ever even used NoScript?
Yes, I have, quite extensively, and I would appreciate it if you would take the time to understand what I am actually requesting rather than talking to me as if I was an idiot. > NoScript blocks everything by default and then you simply allow SPECIFIC > individual things ONLY that you want to allow as you go. Specific individual *locations*. But that doesn't matter all that much. What matters is that NoScript does not support allowing all scripts on the page to execute *once*, while still refusing to run any Javascript in *all* other contexts. That doesn't mean blocking specific scripts, or allowing specific scripts. That means univerally blocking scripts, but allowing all of the scripts requested by a specific *page*. > I never have to turn on all javascript, reload, do work, turn it off, > reload, and go crazy. NoScript blocks everything, and I simply allow > only what I need. You have completely misunderstood the purpose of what I am suggesting. NoScript is an improvement if all you want is better security *and* you're an advanced user. I want something that can be made the *default* behavior of a browser, which both is easy to use *and* results in JavaScript being disabled most of the time. When talking about a *simple* mechanism for users to keep JavaScript *entirely* off most of the time (which is *not* the same thing as keeping *most* scripts off based on a whitelist), the only solution that currently exists is to toggle JavaScript. > what you are suggesting is basically a more permanent version of the > "temporarily allow all" button in NoScript No, it's a less permanent and more reliable version, and also one that doesn't cause scripts to accidentally be allowed on other pages. > "magic button of safety" It's not a button of "safety", it's a button of *danger*. The safety is in *not* having that as the state of affairs unless you press it. > push it over and over again until it gives them what they want They would only need to push it once. You're confusing what I'm proposing with NoScript again. > I rather spend the effort educating newbies Ignoring the fact that what you are implicitly proposing is impossible, are you implying that the state of JavaScript use on the Web is acceptable, and that all you need to do is know how to navigate it? I completely disagree. I wrote why here: https://onpon4.github.io/other/kill-js/ To recap, the way JavaScript is silently installed and executed on people's browsers makes it, practically speaking, impossible to control what they do. That is unacceptable. What I'm suggesting here would do nothing to fix that, directly. But it would work toward solving it by killing JavaScript, because it would make a browser that doesn't execute JavaScript *convenient* for the masses, and it would exert a (however small) pressure on Web developers to stop requiring their superfluous JavaScript code. -- Julie Marchant https://onpon4.github.io Protect your emails with GnuPG: https://emailselfdefense.fsf.org
signature.asc
Description: OpenPGP digital signature
-- http://gnuzilla.gnu.org
