• cRazi_man@lemm.ee
      link
      fedilink
      arrow-up
      22
      ·
      5 months ago

      I thought HTTPS everywhere was baked into browsers now and didn’t need to be installed anymore? Is that not correct?

    • deranger@sh.itjust.works
      link
      fedilink
      arrow-up
      18
      ·
      edit-2
      5 months ago

      Isn’t NoScript redundant if you run UBO in medium mode?

      Roughly similar to using Adblock Plus with many filter lists + NoScript with 1st-party scripts/frames automatically trusted. Unlike NoScript however, you can easily point-and-click to block/allow scripts on a per-site basis.

      • /home/pineapplelover@lemm.ee
        link
        fedilink
        arrow-up
        7
        ·
        5 months ago

        If you go in ublock origin settings, scroll all the way down, you can toggle a setting that disables JS by default. On each site you can whitelist it by clicking ubo and enable JS.

        • sylver_dragon@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          5 months ago

          I wasn’t aware of this feature in UBO, but it doesn’t seem to be quite the same. As best I can tell (with a quick test), UBO lets me turn all scripts on or off for a site. I don’t see any sort of granular controls for selecting which domains to load scripts from (and I might just be missing it). For example, I may want to allow first party scripts to run on a site and maybe third party scripts from one or two domains. But, I don’t want scripts from other third party domains to execute. It’s very much a fine grained, least privileged style of script management. It’s a lot more work, as you often have to spend a few minutes sussing out which domains need to be whitelisted to allow a site to reach minimum functionality; but, you are not often caught offguard by a site doing strange things on your system.

          • underscores@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            5 months ago

            If you check “I’m an advanced user” in the settings, then hit the “More” button in the dropdown a few times it’ll show the more advanced interface that lets you choose which third party domains to allow. It doesn’t work quite the same since it blocks both content and scripts per site, but I find it good enough for my usage.

            edit: You can technically block just scripts per 3rd party site, but it involves manually editing the content type for your rules in the settings. It’s not part of the main interface, so I never bother using it.

    • ivn@jlai.lu
      link
      fedilink
      arrow-up
      6
      ·
      5 months ago

      I don’t understand your edit, how is more things doing the same thing better? It adds complexity, attack surface while taking resources.

        • ivn@jlai.lu
          link
          fedilink
          arrow-up
          2
          ·
          5 months ago

          Wow, you are really confused. The argument about the functionality being already implemented by Firefox was about https everywhere. This has nothing to do with adblocking and it does break some sites (the one still not using https) but you can still access them with a click.