NoScript – Firefox Browser Extension Security Suite

NoScript Security Suite is a browser extension for the Firefox web browser designed to control content displayed on the web browser. By default the extension will block JavaScript execution, which improves the security and privacy. While the extension may also support other features, protection against XSS and clickjacking and other advanced security settings.

NoScript - Browser Extension Security Suite
NoScript – Browser Extension Security Suite

The extension supports several level of trust and permission:

  • Default – JavaScript, Objects, media, fonts and WebGL are blocked.
  • Trusted – JavaScript execution is allowed.
  • Trusted Temporarily – JavaScript execution is allowed for the current session or until this status is canceled.
  • Untrusted – all content are blocked
  • Custom – The user may allow and block specific items

NoScript also provides protection against XSS and Clickjacking. blocking is controlled with the following actions:

  • Show Console, displaying the Error Console where further technical details about the actions taken are logged.
  • Unsafe Reload, which will “replay” the request bypassing XSS filters. Use this command only if you’re absolutely sure that NoScript detected a false positive.
  • Suppress the XSS-related notifications (you will still be able to operate through the standard NoScript menu).
  • Open the XSS Options panel.

As long as scripts and some other elements blocked by default, you may encounter some problems with online surfing. Many online resources use scripts and other elements for a wide different tasks that can be safe and a form of validation or can be annoying such as advertising and tracking.

Changing the trust level to Trusted or Trusted Temporarily allows user to download additional elements, while the Untrusted level prevents loading any website content. Trusted and Untrusted levels assigned ongoing basis to any resource so this settings should be configured by the user manually.

You can read more and install the extension over here:

Notify of
Inline Feedbacks
View all comments