Not feelin it... Rated 2 out of 5 stars

This works too well and totally destroys your browsing experience through disabling everything. Who wants to spend countless minutes adjusting settings to get the info they need on each and every page? Guessing what to enable and what to disable is tedious. When this gets smarter, I'll try it again.

This review is for a previous version of the add-on (0.5.20). 

Rated 5 out of 5 stars

It is mega-awesome extension that brings extra security! Unlike with the other browsers, I AM IN CHARGE OF MY BROWSER!

This review is for a previous version of the add-on (0.5.18).  This user has 2 previous reviews of this add-on.

needs ability to approve *.domain.tld Rated 5 out of 5 stars

great power but tripped up gui

__NEED__ to be able to approve all [seemingly random] subdomains of a given domain

This review is for a previous version of the add-on (0.5.18). 

Rated 4 out of 5 stars

This add-on is very interesting as it gives information about existing cross-site request, it should be in the future a good companion to "NoScript" and "Ghostery".

However at this time, the default behavior is to forbid all cross-site Request except the you have allowed manually : it is too much work to allow them one by one for all sites (some sites does not work well if you don't).

I will test it again if in future version the default behavior could be changed to allow everything except the one you forbid manually.

This review is for a previous version of the add-on (0.5.18). 

Rated 5 out of 5 stars

I've been waiting for FF4 thanks

This review is for a previous version of the add-on (0.5.18). 

Rated 4 out of 5 stars

I really like this addon. It does take some time to get permissions set up, but it's worth the effort.

Unfortunately I had to disable it because of an incompatibility with the Update Scanner addon that I rely on. However, the developer has it on his bug list, so once he gets that resolved I plan to turn it back on.

This review is for a previous version of the add-on (0.5.18). 

Update Scanner + RequestPolicy link click conflict resolved

There has been a recent improvement in the conflict between Update Scanner and RequestPolicy. As of RequestPolicy version 0.5.17, when you click a link from an Update Scanner webpage version/diff the link click is allowed instead of being blocked.

The major remaining conflict with Update Scanner, the blocking of cross-site requests for additional content requested by a webpage version/diff, can be worked around by allowing all requests from the origin "about:blank". This does mean that sites can intentionally bypass RequestPolicy, however you'll get the privacy/security benefits of RequestPolicy in most cases. I still hope to figure out a better solution.

Whitelisting is Completely Impractical Rated 1 out of 5 stars

Whitelisting is a completely impractical way to solve this problem. Almost every site you go to will host it's images or javascript on a different domain name (e.g. cdn4.whatever.example.com, images.cdn89.whatever.example.com) and those will fail to load. All I wanted to do was *blacklist* facebook and those fixed position bars at the bottom, but apparently adblock (without the default easylist) is the best way to do this.

This review is for a previous version of the add-on (0.5.18). 

Rated 5 out of 5 stars

this tool makes you feel you are finally controlling yourself. It's amazing how many websites are collecting your data without you knowing it.
Be ware, you may think it's inconvenient at first. But with no time, you will get used to it. Just manage your whitelist well

This review is for a previous version of the add-on (0.5.16). 

Rated 5 out of 5 stars

this is a brilliant plug-in given its intended scope. provides the fine degree of control needed to block the various nosy parkers on the net.

This review is for a previous version of the add-on (0.5.16). 

Rated 3 out of 5 stars

I give it only 3 stars, because this addon quite aggressively works into only one direction and blocks ANY off-site requests.
An approach to provide a blacklist with suspicious ad-servers, click-tracking etc is not available.
Instead, each site has to be dealt with separately. And this can be very time-consuming (although better for "paranoid security": For example Google Maps - 2 additional permissions required...
The provided white-lists upon 1st time installation are very limited.
It is also annoying, that there are no place-holders for any content blocked. So for example Paypal-donate and pay-buttons and lots of more stuff will just disappear by default. Still I do not know if technically it is actually possible to show place-holders for everything...

Another thing that disturbs me is the handling of redirects. Why this feature cannot be turned off in the GUI? It is just a bit frustrating...

Finally - before making any "checkout" on an online shopping site and paying by CC / home banking, this add-on should be disabled, as what the script does, can cause big problems here. In my case probably a session-cookie expired after re-initiating a redirect originally blocked by the addon... My card was charged, but merchant did not get the required info. I had to solve this issue manually by e-mail... Quite annoying.

Still interesting to see which content is requested by the different sites.

This review is for a previous version of the add-on (0.5.16).  This user has a previous review of this add-on.

Excellent, a "must-have" for security-conscious people. Rated 5 out of 5 stars

I think RequestPolicy is a "must have" add-on for anyone who is at all security-conscious.

Without RequestPolicy, it's amazing how a simple-looking website can actually be connecting you to a whole bunch of other sites too, sometimes undesirable sites that you have *no* idea about and not the type of site that you'd actually knowingly click on.

But with the RequestPolicy add-on installed, you get advance warning and you can decline to allow those sites on a case-by-case basis. Or, you can opt to allow whichever sites are necessary to make the main site work right.

You can choose to make those settings permanent, so that the next time you visit that site, the site will in all likelihood "just work" without having to go through the whole process again.

Or, if for some reason you don't want to keep permanent records (anywhere) of the sites you visit, you can opt to make the RequestPolicy settings temporary and then when you're done visiting that site, you can "revoke" the settings for that particular site.

RequestPolicy has an easy-to-use "Export" button which lets you save a backup copy of your RequestPolicy settings to a file at a location of your choosing. You can name this file whatever you want - I put a date on mine for easier future reference. Then, at some future time, you can click the RequestPolicy "Import" button and select whichever of your backup files you want, to restore Request Policy's settings to that previous state. I used the "Import" button recently after I installed a new version of Linux and new version of Firefox, and it worked really great - instead of having to go through the trial-and-error process of the various websites I visit, I just clicked "Import" and voila, there were all my settings, restored and ready to use. :)

True, you need a bit of patience sometimes when first visiting some new sites, especially the way some websites nowadays try to connect you to so many other things. Sometimes those things are necessary to make the site work, and sometimes they're not. It can take a bit of trial-of-error to figure out exactly which additional sites you need to allow to make some poorly-designed irritating website work correctly. That said, the worst that can happen is that you'll have to make a few extra clicks and take a few seconds to decide *which* sites to allow (that's where the trial-and-error part comes in) - but it's not *that* much hassle, really. Well worth it, considering that it allows you to (in my opinion) keep your computer safer by having the option to not connect to sites that you didn't actually click on, unless you specifically allow them.

RequestPolicy probably isn't something that the stereotypical techno-phobic senile grandma could handle, but for the rest of us, I highly recommend it.

____
- Firefox 3.6.x on Linux.
- RequestPolicy plays nicely with the other add-ons I use:
- The add-ons I have installed are, in alphabetical order: NoScript, RequestPolicy, Small Screen Renderer, User Agent Switcher, and WebDeveloper.

This review is for a previous version of the add-on (0.5.16). 

I wouldn't surf without it. Rated 5 out of 5 stars

A great security tool. Sometimes a nuisance to keep adding new sites to the approved list, but it has prevented me from going to unintended bad sites several times, and blocks ads. I wouldn't surf without it. It's good to know what material is being pulled into a page before it's too late. Especially Javascript where unknown danger may lurk.
I would like to see it enhanced to allow CSS sheets to be accessed without prior approval, possibly images too.

This review is for a previous version of the add-on (0.5.15). 

Rated 5 out of 5 stars

I think Request Policy needs 2 features:
- Allow all image load
- A hotkey to On/Off request policy quickly.

Thank so much!

This review is for a previous version of the add-on (0.5.15).  This user has a previous review of this add-on.

Rated 4 out of 5 stars

Satisfied

This is needed.

Instead of exporting to file (all the domains learned) it would be helpful to add to bookmarks. Similar to NoScript.

This review is for a previous version of the add-on (0.5.15). 

Love it Rated 5 out of 5 stars

Since i have this addon i won't life without pls continue this good work

This review is for a previous version of the add-on (0.5.15). 

Rated 5 out of 5 stars

indispensable - essential
merci

This review is for a previous version of the add-on (0.5.15). 

Rated 5 out of 5 stars

Thanks a lot! This exactly what I want.

The only wish is to support wildcards in domain names.

This review is for a previous version of the add-on (0.5.15). 

Rated 5 out of 5 stars

Great Add-on! It is so much more user friendly than NoScript. It trains you to be aware of what cross site requests are being made from each web site. It is possible to turn off 'Indicate Blocked Images' to make it even less intrusive. Keep up the good work.

This review is for a previous version of the add-on (0.5.15). 

Rated 5 out of 5 stars

Отлично!

This review is for a previous version of the add-on (0.5.15). 

A must! Rated 5 out of 5 stars

Forgive me if this double posts as my connection tonight is really cranky. I put this one in my "Apollo! Pack" collection and after playing with it for a while I consider it a MUST have! The only slight issue I have found is things like this combined with other security add-ons like NoScript Cookie Whitelist, Ghostery... will trip up rookies who are used to surfing in ignorant bliss. Some of them will panic when pages don't load or appear to function fully. I am working on putting up a help page or two to explain just what the heck some of these things are and why a newbie WANTS to be bothered with toggling these things.
I read and agree with the past reviews of this one and I also agree that when you get rid of all the junk scripts, requests, ads... it speeds up pages since they aren't having to connect to and load all the junk! The bottom line is this one is a true 5 star rating!

This review is for a previous version of the add-on (0.5.14).