Le 21/12/2021 à 14:24, Eike Lantzsch ZP6CGE a écrit :
On Dienstag, 21. Dezember 2021 09:43:42 -03 Kenneth Parker wrote:On Tue, Dec 21, 2021, 3:15 AM local10 <local10@tutanota.com> wrote:Dec 21, 2021, 02:13 by jeremy@ardley.org:You can mitigate XSS by having a single browser that is used solely to>access high value sites. e.g. if you routinely run Firefox, have a copy of Vivaldi that you use to access your banks - one at a time. Installing NoScript also may help as it has an option to sanitize cross-site suspicious requests. NoScript also speeds up the browser by disabling all the tracking and spying scripts many sites load nowadays. Just make sure to disable all the garbage it has enabled by default after the installation.+1 on NoScript. I particularly like the White List capabilities, where you can allow Scripts by Website, and even only one time. I only know it to work with Firefox, at this time. Kenneth ParkerIs this *No-Script Suite Lite by AdblockLite[1]* (this one has a whitelist feature) or *NoScript Security Suite by Giorgio Maone[2]* (has a whitelist feature too) or other? I'm using Privicy Badger among other means like limiting and redirecting DNS requests. But that does not avoid JS. Cheers Eike -------- [1] https://addons.mozilla.org/en-US/firefox/user/11285580/ [2] https://addons.mozilla.org/en-US/firefox/user/143/
It is the second one, "Noscript" in one word [1]. Several look-alike have spawn over the years. I also use Umatrix [2], but it is more complex.
For Firefox: [1] https://addons.mozilla.org/fr/firefox/addon/noscript/ [2] https://addons.mozilla.org/fr/firefox/addon/umatrix/ At least one of those is packaged in Debian.