[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Quick question on Torbutton and NoScript
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Quick question on Torbutton and NoScript
- From: Ringo <2600denver@xxxxxxxxx>
- Date: Tue, 05 Jan 2010 03:46:45 -0500
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Tue, 05 Jan 2010 03:47:13 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type:content-transfer-encoding; bh=DNDSfxTqSlZen18Lrg9s+ZOozgGoGceSohIUF7TjCoY=; b=tV8kjlNFb3XAtHQkadVLvku8GmteiQrjyoR7H+2aWucmaaNISgnMZrzY2j70usKWv8 GJNi6yWfsIuEO6y6WyQomJzC3TjBLpipAwAOpeTGY2Pk635M630rjLWYeyX75J9jbhPa Hq73HGvBs/2bRBuSPs0WSpuSo3f0t9h/3ktgE=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; b=OSpRpk0UbjlKAZ1VzFbda4tL92GO6Dx4n2aXZPdw+uHZ5brwchm9Rw6jx9Z2Bg3o65 wueI05xAR2uCVRpg3i2hjU2UuoFVUKMKibLS7sm8VxCeZyHVOMnBI/MSURag7LEWNOF9 KydhEBplBmCVdjtfXG2qU0A3feDYY5zTXSi4k=
- In-reply-to: <4B42F81D.5000806@xxxxxxxxxxxx>
- References: <4B42F592.6050106@xxxxxxxxx> <4B42F81D.5000806@xxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Thunderbird 2.0.0.23 (X11/20090817)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I figured it would work the same way but interestingly enough, even with
noscript on allow everything, some javascript still fails to work. I'm
guessing this means TorButton is doing some work in the background, but
I could be wrong.
I have heard that js has an option to bypass proxies or contact local
routers, which is part of the "dangerous javascript" that I assume
torbutton would hook. For good measure, I've manually blocked anything
in the local subnets but I think that might be overkill.
Ringo
Marco Bonetti wrote:
> Ringo wrote:
>> Does the TorButton "hook dangerous javascript" function still work if
>> you tell noscript to allow scripts on certain pages/sites?
> IIRC when I was questioning about the torbutton/noscript compatibility I
> received this answer: "if you turn on js, you break torbutton
> functions". This was long time before the noscript restriction of active
> content during https and many versions of torbutton ago, when noscript
> was still an unfriendly tor extension, so take it with a pinch of salt ;-)
> I'm assuming that, yes, enabling js via noscript will take over
> torbutton block mechanism but the ability of noscript to restrict the
> active contents from https only is a great aid in such situations.
>
> ciao
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAktC/HUACgkQETpif9i/sroolwCeJ0iKt4nojAYWaTiZRJ7RI4Rc
ewMAn1iJLNRquR/d9KYedH6EyujLpEqx
=hzBJ
-----END PGP SIGNATURE-----
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/