This tutorial will touch on the basics of NoScript’s new method of operation. Whether you’re new to script blocking or experienced with similar tools, you should find something useful here.
Old Versus New
You may remember a similar tutorial we produced back in October. We addressed Javascript blocking methods on Chrome and Firefox, making sure to mention NoScript as part of that course. Fortunately, that article referenced the older style of NoScript, so you can refer to it for a comparison with the new version discussed here. In particular, it’s worth noting that the present NoScript menu available from the toolbar provides a different look at blocked and allowed sites than the older model. When you click on the add-on’s toolbar icon, it will list the domains on your current tab that want to run a script. Check out this default list for the New York Times website.
Instead of listing permissions options like “Temporarily Allow nytimes.com” and “Allow nytimes.com” like the old model did, the new NoScript version saves space by showing a number of different icons beside each domain.
Using the Icons
Starting at the left side of the dropdown menu for each domain, you see five icons in the order of “Default,” “Temp. Trusted,” “Trusted,” “Untrusted,” and “Custom.” You can change the default settings for any domain in NoScript’s preferences. That will be addressed in a following section. For now, know that most domains will not be trusted, so you’ll have to temporarily or permanently trust any domain if you want it to load scripts. As you can see, nytimes.com is not trusted. You have the option of clicking “Temp. Trusted” if you want to allow scripts until you close the browser or “Trusted” if you want nytimes.com to run scripts any time you load the page from that point forward. If you choose “Untrusted,” by default the add-on will block all scripts from running on that domain. The “Custom” option will use options you select and will be different for every domain.
Customization
Once you choose a permission level, NoScript will remember your choice. It will continue trusting domains you prefer and blocking those you dismiss. When you want to customize a domain’s allowance, click the final icon in its list to show a bit more dialogue.
This menu reveals NoScript’s power to block or allow only specific elements of a page – scripts, objects, frames, and so on. Your use of the “Custom” option lets you click or unclick any of those boxes to, for instance, allow scripts but disallow custom fonts. Furthermore, if you click the small clock icon next to the word “CUSTOM” in that menu option, you can run the “Custom” script only temporarily, otherwise NoScript will remember your preference of “Custom” for the next time you open the browser.
Advanced NoScript Options
At the top-left of the toolbar dropdown you will see an “X” icon for exiting that dropdown, a circle for reloading the current tab, and the NoScript logo for opening an advanced options menu. Clicking into the “Advanced” options will offer you a screen that looks like the following image.
The same options you saw earlier regarding a “Custom” domain are shown here. This is different, however, in that you can change the default behavior of the “Default,” “Trusted,” and “Untrusted” modes of operation. Changing any of these options will apply those changes globally. Be careful not to get overzealous. You can always make fine-grained decisions for each domain in the “Custom” section for each individual domain. You can also see all your trusted domains in the “Per-site Permissions” tab in this window. In that tab you will see the same icons as in the toolbar dropdown, and you can change domain preferences as you see fit.
Everyday Use
Clicking the same domain everyday to temporarily trust it can become a chore. Try to use the presets and customizations to your advantage. If you know you’ll be back to a website everyday, but you continually “Temp. Trust” it, think about making the switch to a more permanent selection. Your smart use of temporary and permanent permissions will come in handy when websites begin asking for more than just one set of permissions. Look what happens when you trust nytimes.com to run scripts.
The page asked to run more scripts, so more domains appear in the add-on menu. Sometimes the list can reach dozens of domains. If you have whitelisted a number of trusted domains, though, you won’t have to click that domain to load the video you want to watch or image gallery you want to see.
Conclusion
NoScript is a lifesaver when it comes to blocking unwanted noise in webpages. It can save your computer from malicious javascript, and it can speed up your browsing experience by removing the auto-playing media features some sites seem so fond of. If you’ve been looking for a new Firefox script blocker, or if you shied away from NoScript’s previous self, this new version could be right for you.