Re: Mozilla: howto block java for certain servers was: howto *really* 'accept images that come from the originating server only'?
On 25/01/06, Florian Kulzer <florian@molphys.leidenuniv.nl> wrote:
> Johannes Wiedersich wrote:
>
> [...]
>
> > Closer inspection shows that this is not due to the embedded images, but
> > the source code contains javascript as well that is pointing to the
> > external server.
> >
> >> NB 2: I consider this a security hole:
> >
> >
> > It would be nice, if site specific configuration of java and/or
> > javascript was possible with Mozilla as is implemented for images,
> > popups etc.
>
> Try the "noscript" extension. It allows you to manage javascript
> permissions on a per-site basis. All javascript is forbidden by default
> and you get a small icon on the bottom of your browser window which
> indicates the javascript-status of the current site. You can then change
> the permissions via a handy pop-up menu when you click on this icon. I
> like especially that it allows me to use the javascript functionalities
> of a certain site while still blocking all the embedded javascript from
> other sites (which is normally related to marketing and user tracking).
>
> Unfortunately I don't know of any comparable extension for java. The
> "prefbar" extension will at least allow you to switch it on and off
> quickly without having to go three levels deep into the preferences
> menu.
NoScript, (4.54 stars, 210668 downloads)
Extra protection for your Firefox: NoScript allows JavaScript, Java
(and other plugins) only for trusted domains of your choice (e.g. your
home-banking web site). This whitelist based pre-emptive blocking
approach prevents exploitation of security vulnerabilities (known and
even unknown!) with no loss of functionality... Experts will agree:
Firefox is really safer with NoScript ;-)
Looks like NoScript handles Java too.
--
~ Darryl ~ smartssa@gmail.com
http://smartssa.com / http://darrylclarke.com
Reply to: