Recenze doplňku NoScript Security Suite
NoScript Security Suite od Giorgio Maone
2 219 recenzí
- Hodnocení: 2 z 5od uživatele Uživatel Firefoxu - 13553842, před 6 letyGeorgio wrote:
> Unfortunately I cannot do the impossible (recreating legacy NoScript on the new, much more limiting WebExtension platform)
> just because "people" ask for the impossible. And I've the duty to provide the best security NoScript
BUT maybe it is not so much about recreating the old thing, than understanding what the problem with the new thing is. First you need to accept that the current approach is simply not intuitive. As a dev (I am one myself, so I had this problem myself) its hard to understand when that happens, because for you its as familiar as a part of your body, but it is obviously a mistery for everbody else.
Also, about your "duty": Its true what you said, but: if many people now dont use NoScript at all, because they do not get it anymore, you decreased web security by a lot.
So:
- Simpler is better. Simpler might be less safer, but if the alternative is not using it at all, it's still better. Way better.
- get rid of the slider. It looks mhm good(?), but its not recognizable as one.
- there is way to much clickable stuff, one does not get what is a button, what a link and whatnot...
- make it simpler: hide everything exept: domain name, status icon and -depending on the status- two buttons for each entry.
- clear design, dont change font size and font color at any time
- No xss-popups. In fact, never, ever use popups.
Instead:
- a simple list of domains like before, each with a status icon in front of it: your blue "S", for allowed, same with a little clock for temporarily allowd, red crossed "S" for disallowed
- depending on the current status of an entry, two buttons:
- if currently allowed: "disallow" and "temp. disallow"
- if currently disallowed: "allow" and "temp. allow"
- these buttons need to be different than the status icon. I would use red X and green hook/check, each with and without a little clock.
- dont make anything but the buttons clickable! not the text, not the status icon.
Thats it.
You can add a (clearly seperated from the other buttons, clearly different graphic) button behind each list entry to hide all the detailed settings, for the expert. Everybody else gets the simple list.
At the very buttom of the list go -clearly separated - three entries: "temp allow all" and "save permissions for this site" and "deactivate noscript".
No problem to do that in html. And believe me, people will love you again. :)
If you would like me to make a mockup of what Ive just desrcibed, just say so and tell me where to send it.
And btw.: You dont owe us anything. People have no right being rude to you about something you gave us for free. But maybe see their ill-advised passion as a testament to how important NoScript is to us. That is something I think, even if you must hate the internet right now.
I thank you for the old NoScript and that it helped increase my security. But I won't use the current one. So I would thank you again if you make it simple and easy to use again. - Hodnocení: 3 z 5od uživatele Uživatel Firefoxu - 12962480, před 6 letyHaving initially thought this extension was the cause of some websites not working properly, I uninstalled it and continued to have trouble. I then found that AddBlockPlus can cause some websites to not work correctly and they work after disabling ABP. Reinstalled NoScript and doing further testing.
However, I'm not particularly rapt in the UI. - Hodnocení: 2 z 5od uživatele Uživatel Firefoxu - 13552862, před 6 letyUsed to be good before they recently broke it with confusing and to some extent buggy UI. Tried to wait it out, but it's starting to really get on my nerves so for now I'll disable it and find an alternative. Even had to disable it to write this review, since the alternative seems to be to allow more or less known scripts (permanently?) until I happen to stumble upon the right one.
I really wish they'd just leave NoScript the way it was and make this experimental version a NoScript 2 Alpha/Beta or something like that instead. - Hodnocení: 3 z 5od uživatele Uživatel Firefoxu - 13552634, před 6 letyThe new version was horrible to begin with, but it's been gradually smoothing out. The new interface still feels odd, but I'll let it ride a few weeks and see how it shapes up. For the most part I've been browsing the sites that have existing rules from the old version without issues. Today, however, I logged into Office 365 for a customer and nothing at all would load. The only option in NoScript was for Microsoft.com and it was already allowed. I had to disable the extension to get the website to work in Firefox. I would think this is a pretty high profile site that should not be having those sorts of issues.
- Hodnocení: 5 z 5od uživatele Uživatel Firefoxu - 13220755, před 6 letyIn my opinion, the 57+ firefox version does not work well yet, but it is partly Mozilla wine. Instead of writing negative reviews, report errors to the author and you do not panic that "something does not work". @Giorgio Maone you created a really good plugin and it is appreciated.
- Hodnocení: 4 z 5od uživatele Uživatel Firefoxu - 13544338, před 6 lety
- Hodnocení: 1 z 5od uživatele Uživatel Firefoxu - 13551642, před 6 lety
- Hodnocení: 2 z 5od uživatele Uživatel Firefoxu - 13551624, před 6 letyIt is a real pitty that you do not seem to want to listen to the incredible ammount of people who are trying to tell you that you messed this up.
If 90% of the people dont understand the new UI, its not the people, its the UI. For example the list is too large, and without an explaination you cant tell the status of an entry. And if -by accident- you manage to click what was "allow" before you have no idea if its temparily allowed or permanently.
I gave this addon another try today and now I get at least one XSS warning popup every 30 seconds. I mean popups? Really? Reminds me of the old personal firewall days, when you got so much warningsall the time, that after a while you just allwed everything just to be left in peace. Popups are a bad, bad, bad idea.
Please recreate the old look and feel and behaviour!
And I get from your comments that you cant do that exactly, but I dont see a reason why one could not try to recreate that as close as possible. Even if it does not look fancy and colorful like now. Because belive it or not, that is obviously not what people care about.Odpověď vývojáře
zveřejněno před 6 lety"I dont see a reason why one could not try to recreate that as close as possible".
*This* is as close as possible a WebExtension can go, and I've done and I'm doing my best to compensate the unavoidable loss in usability (due to the fact WebExtensions UI are just HTML web pages) with more customizability, and at the same time to provide feature parity security-wise. If people want the old version as it was, with the floating hovering menu and the "Allow / Temporarily allow / Forbid" commands (which, BTW, functionally map one-by-one with the new TRUSTED/UNTRUSTED paradigm), they can use Firefox 52 ESR or the Tor Browser as long as they're supported: on Firefox 57 this stuff is just out of reach for add-ons.
Unfortunately I cannot do the impossible (recreating legacy NoScript on the new, much more limiting WebExtension platform) just because "people" ask for the impossible. And I've the duty to provide the best security NoScript can provide to people which actually rely on it, even for their physical safety (and no, uMatrix / uBlock / ScriptSafe & C. are not up to the task, simply because they've got a completely different scope). - Hodnocení: 3 z 5od uživatele randy826, před 6 letyEvery time I click on the NoScript icon to set allow/block sites, the Firefox window is un-maximized. Very Annoying! I preferred the original method with the simple drop-down list. It was much easier to see the status of each site and to change the status.
- Hodnocení: 2 z 5od uživatele Uživatel Firefoxu - 13551289, před 6 letyOk, I just got the update and have to say I really hate the new version and am considering dumping it completely. There are a lot of reasons why.
Under the old version, when you visit a new website, it shows a popup saying that scripts are disabled and giving you a quick option to temporarily or permanently enable scripts for just that website. Under the new version, you don't even know if the scripts are blocked, and if the website is malfunctioning because it needs its scripts, or what.
Also, the new UI really sucks. Everything is all icons now and I don't have a clue what any of them do. Am I allowing scripts or blocking them? Am I permanently allowing them or just temporarily? You could at least give us the option to go back to the classic interface.
I've also noticed that for every single website I go to, I have to tell it not to allow XSS from that website to facebook.com. It's really annoying. There is no option to just say, don't allow XSS from anywhere to facebook.com. Under the old version, it only gave me an XSS warning for a certain few websites which I could then do an unsafe reload. Now it's like there's cross-scripts everywhere.
Ok so maybe a useful feature would be to allow for example facebook.com (seems to be the main offender here) when I'm ON facebook.com, but disable it when any other website tries to cross-script to it.
Anyway to sum it up, the new version nags me incessantly and isn't clear enough about what's going on for me to figure out how to allow the scripts I want and block the ones I don't. Please go back to the old version.Odpověď vývojáře
zveřejněno před 6 lety1) The UI shows you all the domains that are trying to run active content, just like before, but more compact. You can allow them individually (by assigning the TRUSTED preset), leave them not running (DEFAULT), blacklisting (UNTRUSTED) or even assign CUSTOM permissions. Not just that, but better than before if you can modify each preset on the fly and even see the minimum permissions needed for the site to work (they've got a pink background).
2) To assign the TRUSTED preset temporarily, you just click it once. To make it permanent, you click the clock icon and make it fade away (temporary->permanent).
3) The XSS filter now has a "Always block requests from a.com to b.com" option, that you can use exactly the way you say you want. - Hodnocení: 2 z 5od uživatele Almair, před 6 letyUgly interface. Not usable.
Return old interface, please... :(Odpověď vývojáře
zveřejněno před 6 letyThe UI cannot be the same as before because WebExtensions are limited to a handful of customization entries, all HTML-based. But with some constructive feedback we can make it even better than before (it's already more customizable). Please visit https://noscript.net/forum with your ideas, thanks. - Hodnocení: 2 z 5od uživatele Uživatel Firefoxu - 13462509, před 6 letyStill quite buggy... time to find a replacement, sadly. Thanks for all the script blocking to this point.
- Hodnocení: 1 z 5od uživatele RailWolf, před 6 lety
- Hodnocení: 1 z 5od uživatele Vyflus, před 6 lety
- Hodnocení: 2 z 5od uživatele Uživatel Firefoxu - 13549703, před 6 letySo I load a page and the addon button shows a tiny "3", but lists only one domain. I allow all from that domain, reload and the page still doesn't work. How do I see the other 2 domains?!
Then I try the NoScript settings only to find that:
- it by default allows scripts from a bunch of sites that I don't trust,
- there is no way to auto-block all the domains in that list,
- all the old settings are gone .. can't find them anywhere.
Uninstalled.. fortunately, it still works in a slightly older version of FF.
Rating 2 based on the average experience. - Hodnocení: 2 z 5od uživatele Uživatel Firefoxu - 13537226, před 6 letySu Firefox Quantum ha perso molte delle sue caratteristiche e delle possibilità di configurazione. Ora si limita a disattivare gli script con la possibilità di inserire i siti in una white list. Un po quello che faceva l'estensione NOscript.
- Hodnocení: 4 z 5od uživatele bedwttr, před 6 letyExcellent extension with fine grained controls!
Didn't want to post this bug report here, but couldn't find a link anywhere on the website for bug reports. So, forgive me for posting it as a review. Nothing negative about this extension!
On the latest version, running on 58.0b8 whenever I have focus with my cursor on the extension in toolbar, the browser becomes minimized. Pretty weird. - Hodnocení: 4 z 5od uživatele Uživatel Firefoxu - 13549526, před 6 letyFF57 is a big challenge. Don't be disappointed. Being a father 24/7 is more important.
- Hodnocení: 3 z 5od uživatele Uživatel Firefoxu - 12980506, před 6 letyIt seems much less effective than before, I can't figure out how to exclude primary domains from filtering as I could do before. And don't know why window resizes when the icon is clicked... Dài grande Giorgio, ce la puoi fare!
- Hodnocení: 2 z 5od uživatele Uživatel Firefoxu - 13548373, před 6 letyThis used to be my go-to script blocker and it was fantastic. With the latest update though to make it work for the new Firefox, everything is upside down and it's more or less unusable in its current state. The addon's menu keeps bugging out and cant decide whether to be a dropdown like before or a standalone window. Furthermore I can no longer easily whitelist entire pages except for temporarily which is rather tedious for sites I visit alot. That it also refuses to save my settings for a specific site (where I have taken the time to click which parts of it I want to trust and which not) just makes the experience more frustrating.
Please return this addon to its former look and functionality, it was much much better. - Hodnocení: 3 z 5od uživatele Uživatel Firefoxu - 13548239, před 6 letyHorrid excuse of a script blocker. Firstly, I can't even get it to just open normally, it has to open a whole tab of everything I have open, not just the tab I am on, secondly, clicking the icon, takes me out of full window mode, into smaller window mode which is just annoying as can be. Why can't you make it as user friendly, and easy as ScriptSafe on Chrome?
- Hodnocení: 1 z 5od uživatele jollyD, před 6 lety
- Hodnocení: 5 z 5od uživatele CCCM89, před 6 letyNoScript currently resizes the window for firefox whenever I click on it and opens several pop-ups of the list of current scripts. This makes it exceedingly difficult to use the script at all. I'll try downgrading it, but if I can't, then it's pretty much unusable at this point...
Can't find an older version, so I guess I can't uses this reliably. Possible solution, and a nice additional feature would be having a drop-down menu available on right click. Would have been easier with the old UI of NoScript, but it could make things much more efficient if you find a way to ad this...
...or, you know, fix the bug with it resizing my firefox window every time i click it. - Hodnocení: 1 z 5od uživatele Uživatel Firefoxu - 12979544, před 6 lety
- Hodnocení: 2 z 5od uživatele Uživatel Firefoxu - 13547390, před 6 letyUnable to use the newer addon now. Doesn't work now. I'm currently using the 10.1.3 version now but can't get the web browser to work until the addon is disabled again. If the pages are marked to allow access, evetually they get to a state to show allowed but shown in red text. If you toggle not allow allow it doesnt get back to a usable state. I can't even search google now, with page allowed, it doesn't let you select any items returned from a search. Please sort the issue because this is the best software to do the job of blocking items. We appreciate your work, but 2 stars to show it is really busted with the newer firefox version