Not a threat! Rated 4 out of 5 stars

Ran the tests and passed no problem for me. I think some optional AI could be included to automatically allow web page elements to make surfing a little less painfull. Otherwise this is a great addon, love it!

This review is for a previous version of the add-on (0.5.22.1-signed.1-signed). 

possible security threat! Rated 1 out of 5 stars

i recently posted a review stating that when you have request policy installed and enabled when you do a browser security test at browserscope.org "the sts test" http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security the test will not complete and does not work but when request policy is installed but disabled the test fails. when request policy is not installed the sts test passes. just stating the obvious that request policy could be a target for a man in the middle attack. on my last post this security flaw was acknowledged by request policy then my post mysteriously disappeared.

This review is for a previous version of the add-on (0.5.22.1-signed.1-signed). 

Hi. My previous reply did not acknowledge a security flaw (there is not one). RequestPolicy's blocking of requests can make some Browserscope tests fail but that doesn't mean there is a security flaw. Rather, some tests may not have been able to run. Please see this ticket for more information: https://github.com/RequestPolicy/requestpolicy/issues/251 --- Thanks!

Rated 5 out of 5 stars

Agree with the other five-star
reviews. Absolutely excellent add-on....

This review is for a previous version of the add-on (0.5.22.1-signed.1-signed). 

Best kept secret on Firefox Rated 5 out of 5 stars

This add-on is simply amazing. It adds a layer of security while browsing by allowing you to pick which third party scripts you would like to run. It may be tricky to configure at first but once that initial stage has passed there's not much to do.

This add-on allows you to be back in control while browsing and that has got to be a great thing. I applaud the creator of this add-on and thank him for helping to give the web back to the people.

This review is for a previous version of the add-on (0.5.22.1-signed.1-signed). 

Rated 5 out of 5 stars

I find this plugin as important as noscript. Using requestpolicy makes surfing extremely secure as the addon will only pull side resources from the domain you actually view. I've seen many times browsers to get hijacked while posting in forums simply because someone linked an outside resource script as an avatar and the forum s/w allowed it. Having requestpolicy solves such problems. It's one of the top security plugins for FF.

This review is for a previous version of the add-on (0.5.21.1-signed.1-signed). 

Google-analize me... Never again! Rated 5 out of 5 stars

Wauw... I love this addon, indispensable for anyone wanting an ounce of privacy. anno 2011 virtually EVERY site has Cross Links*, and most of them to google! even the most inconspicuous blogs or friend's homepages.
* had to open about 50 sites before i found one without cross links!

Note: Most pages work fine without cross links. The sites (eg. site.com) that need cross links usually have an site.img.com site.media.com etc. domain to store their images or media. Just choose Allow -domain- from the dropdown menu when you click the red flag... And the site works every consecutive time you load it.

I understand website publishers would like statistics on who's visiting their pages and that google provided this service for free. But my golly! Did no-one think of the consequences of google knowing each and every ip adres browsing habit all over the globe? Even when buying an airticket on klm.com or reading newssites, google knows where you are! with request policy, I'm back in control of what companies harvest which sites i visit.

This review is for a previous version of the add-on (0.5.21.1-signed.1-signed). 

Rated 5 out of 5 stars

A great security enhancement for the advanced user!

BTW, could you please add compatibility for newer SeaMonkey versions? It works perfectly up to 2.4a!

This review is for a previous version of the add-on (0.5.21.1-signed.1-signed). 

Blocks everything, but... Rated 4 out of 5 stars

I don't see how the casual user is supposed to use this in any sensible way. Some sites redirect almost their entire content. A site like ebay might have 50 things blocked. How can anyone decipher which redirects are dangerous and which are not? The temptation is to just let everything through. Technically it works well and does not impact performance. This is more for the serious computer gearhead.

This review is for a previous version of the add-on (0.5.21.1-signed.1-signed). 

Rated 5 out of 5 stars

¡¡Great addon!!. First, you will know how the web is working and sharing information about you; second, it will give you plenty of control about cross referencing. On other hand, I like to see the source code to see what the author is doing.

This review is for a previous version of the add-on (0.5.20.1-signed.1-signed). 

Rated 3 out of 5 stars

Great addon in theory, maybe works too well. I have used NoScript and I do know that this addon and NoScript both block different elements and should be used together. However this addon requires too much customisation . Also it would be useful to have an option to allow requests to/from a particular domain; at the moment both are separate options (unidirectional). One good point of this addon is that is has a small memory footprint compared to other security addons.

If someone could produce a whitelist (much like Easylist for Adblock Plus) - this would cut down on the tedious initial customisation of the addon and I would be more inclined to use it. However, I do recommend this for the more paranoid Firefox user if they can handle tweaking from the outset. I'll stick to my trusted 5 security addons of NoScript, Adblock Plus, Ghostery, BetterPrivacy and CookieCuller for now.

This review is for a previous version of the add-on (0.5.20.1-signed.1-signed). 

Not feelin it... Rated 2 out of 5 stars

This works too well and totally destroys your browsing experience through disabling everything. Who wants to spend countless minutes adjusting settings to get the info they need on each and every page? Guessing what to enable and what to disable is tedious. When this gets smarter, I'll try it again.

This review is for a previous version of the add-on (0.5.20.1-signed.1-signed). 

Rated 5 out of 5 stars

It is mega-awesome extension that brings extra security! Unlike with the other browsers, I AM IN CHARGE OF MY BROWSER!

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed).  This user has 2 previous reviews of this add-on.

needs ability to approve *.domain.tld Rated 5 out of 5 stars

great power but tripped up gui

__NEED__ to be able to approve all [seemingly random] subdomains of a given domain

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed). 

Rated 4 out of 5 stars

This add-on is very interesting as it gives information about existing cross-site request, it should be in the future a good companion to "NoScript" and "Ghostery".

However at this time, the default behavior is to forbid all cross-site Request except the you have allowed manually : it is too much work to allow them one by one for all sites (some sites does not work well if you don't).

I will test it again if in future version the default behavior could be changed to allow everything except the one you forbid manually.

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed). 

Rated 5 out of 5 stars

I've been waiting for FF4 thanks

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed). 

Rated 4 out of 5 stars

I really like this addon. It does take some time to get permissions set up, but it's worth the effort.

Unfortunately I had to disable it because of an incompatibility with the Update Scanner addon that I rely on. However, the developer has it on his bug list, so once he gets that resolved I plan to turn it back on.

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed). 

Update Scanner + RequestPolicy link click conflict resolved

There has been a recent improvement in the conflict between Update Scanner and RequestPolicy. As of RequestPolicy version 0.5.17, when you click a link from an Update Scanner webpage version/diff the link click is allowed instead of being blocked.

The major remaining conflict with Update Scanner, the blocking of cross-site requests for additional content requested by a webpage version/diff, can be worked around by allowing all requests from the origin "about:blank". This does mean that sites can intentionally bypass RequestPolicy, however you'll get the privacy/security benefits of RequestPolicy in most cases. I still hope to figure out a better solution.

Whitelisting is Completely Impractical Rated 1 out of 5 stars

Whitelisting is a completely impractical way to solve this problem. Almost every site you go to will host it's images or javascript on a different domain name (e.g. cdn4.whatever.example.com, images.cdn89.whatever.example.com) and those will fail to load. All I wanted to do was *blacklist* facebook and those fixed position bars at the bottom, but apparently adblock (without the default easylist) is the best way to do this.

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed). 

Rated 5 out of 5 stars

this tool makes you feel you are finally controlling yourself. It's amazing how many websites are collecting your data without you knowing it.
Be ware, you may think it's inconvenient at first. But with no time, you will get used to it. Just manage your whitelist well

This review is for a previous version of the add-on (0.5.16). 

Rated 5 out of 5 stars

this is a brilliant plug-in given its intended scope. provides the fine degree of control needed to block the various nosy parkers on the net.

This review is for a previous version of the add-on (0.5.16). 

Rated 3 out of 5 stars

I give it only 3 stars, because this addon quite aggressively works into only one direction and blocks ANY off-site requests.
An approach to provide a blacklist with suspicious ad-servers, click-tracking etc is not available.
Instead, each site has to be dealt with separately. And this can be very time-consuming (although better for "paranoid security": For example Google Maps - 2 additional permissions required...
The provided white-lists upon 1st time installation are very limited.
It is also annoying, that there are no place-holders for any content blocked. So for example Paypal-donate and pay-buttons and lots of more stuff will just disappear by default. Still I do not know if technically it is actually possible to show place-holders for everything...

Another thing that disturbs me is the handling of redirects. Why this feature cannot be turned off in the GUI? It is just a bit frustrating...

Finally - before making any "checkout" on an online shopping site and paying by CC / home banking, this add-on should be disabled, as what the script does, can cause big problems here. In my case probably a session-cookie expired after re-initiating a redirect originally blocked by the addon... My card was charged, but merchant did not get the required info. I had to solve this issue manually by e-mail... Quite annoying.

Still interesting to see which content is requested by the different sites.

This review is for a previous version of the add-on (0.5.16).  This user has a previous review of this add-on.