Open happeeshopper opened 7 months ago
How does this differ (if it does) from Contextual Policies?
It doesn't, that's exactly what I was asking for, I just hadn't noticed it 👍
How does this differ (if it does) from Contextual Policies?
I noticed there's a problem with contextual policies - it can only be set for a single domain, so if a common script such as ajax.googleapis.com is custom set to be 'allowed' on a single domain and then I 'temporarily allow' it on another domain - the contextual policy is reset and it's no longer automatically allowed on the original set domain.
Could it be possible to also set default Custom Contextual Policies (and their default scope, i.e. if selecting CUSTOM
, the action I want is that domain.tld
be approved by default not for ANY SITE
, but only for the site I'm visiting, e.g. example.com
)? I never trust domains globally, so I find myself performing the following actions repeatedly:
CUSTOM
Enable these capabilities when top page matches
's value from ANY SITE
to the domain of the site I'm visitingscript
, lazy load
, frame
, fetch
, font
)I never trust domains globally, so I find myself performing the following actions repeatedly:
Same here, it's unsafe to do so and defeats the purpose of the extension. But I do want/need some scripts to run on some sites all the time so it's either allow them globally (unsafe) or repeatedly allow them temporarily (PITA).
Edit: I noticed this can be done using ublock which is exactly what's needed:
"Script blocking in uBlock has the option to block / allow scripts both globally and per-site. For example, I can have Google scripts blocked globally by default, but then allow it to run in Youtube specifically, while still blocking those scripts automatically for every other site."
Reason: Certain scripts can be used to serve either benign or malicious code, depending on the domain owners intentions.
I find myself stuck in the position where I don't want to trust certain scripts globally, because they could potentially be used to serve malicious code, but then always having to 'temporarily allow' said scripts on trusted websites that I frequent.
Being able to 'trust' a script to always run on a certain website only, instead of globally on all websites would be useful.