Comment #32 on issue 1748 by [email protected]: feature request:
noscript-like javascript filtering desired
http://code.google.com/p/chromium/issues/detail?id=1748
@ syscoder: Companies consist of people. People get paid by companies.
Separating the
two is a false dichotomy. Amazingly, "independent" researchers hired by
pharmaceutical companies tend to find that - surprise! the drug they are
testing is
indeed safe and effective. I think this is what Guardian was referring to
in his
conflict-of-interest remarks. Failure to provide a secure API for NoScript,
when the
developer has offered to port it at his own time and expense, really says
it all.
@ Robert Bradbury: Some NoScript users feel that it's too cumbersome.
Setting up two
profiles is even more cumbersome, as is switching profiles in the middle of
a
session. Plus, it seems that your idea is the same as MS's "all-or-nothing"
JS: You
allow all JS from a page, including third parties, or you put it in a
lockdown zone
that allows none -- which, indeed, breaks a lot of sites. The flexibility
of NoScript
is that you can choose to allow the main site *without* allowing third
parties, ad
agencies, data-miners -- like, say, Google-Analytics.com -- with a single
click or
two; no profile change, and totally selective. And can be reverted just as
easily.
"Because if
you have NoScript really cranked down, it is no different from running
chrome with
--disable-javascript. "
Yes, it is. See above. You can enable any script source with a click. And
you can
permanently whitelist trusted sites while permanently blacklisting the
3rd-party
scripts running on said trusted site.
"There is no difference in the functionality -- the only
difference is when you choose to exercise some wisdom with respect to
potential
problems with Javascript. And be honest here -- how many people actually
read the
Javascript involved and can actually say this is safe vs. un-safe code?"
I don't need to read DoubleClick's JS code (owned by Google since 2008,
btw) to know
that I don't want to allow it. Same with every other third party, and a lot
of first
parties. If I don't need it, or don't trust the site, I don't care if their
JS is
dancing bunnies -- it's not going to be allowed. Millions of users use
NoScript
successfully without reading JS at all.
"If one does
not do that, then ones voice is merely sound and fury signifying nothing."
I appreciate a good Shakespeare (mis)quote, out of context or not, but
based on the
above, the voices here advocating the API for NoScript and Adblock, and
fearing that
Google will never allow it because most users will block DoubleClick,
Google-Amalytics, Google-Syndication, etc. are sounds of wisdom, signifying
plenty.
Parting this message is such sweet sorrow, that I shall say good-bye with
another WS
quote: Google suffers from "the insolence of office" (power), as does MS.
Different
ways, perhaps, because they're different companies, but insolence of power
nonetheless, and the more they gain and the more companies they buy, the
worse it gets.
No Google Chrome for this user. An ad-promoting piece of spyware by any
other name
would smell as rank. As far as I'm concerned, Chrome is "Bard" from this
machine.
(Yes, you may heave rotten eggs at the rotten pun.)
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
