« Stylish 1.0 is out
More styles available as user scripts and as plain CSS »

Introducing SomeScript

SomeScript is a new extension by Tung Nguyen based off my YesScript, which was created in response to NoScript. A history lesson is in order.

NoScript came first. It’s an extension designed to make your Firefox more secure. It has all sorts of anti-bad stuff filters, including a feature that turns JavaScript off. I wanted to use NoScript to turn off JavaScript on sites that had annoying pop-up windows. I found that it took too many steps to configure NoScript the way I wanted. I was also mildly insulted by its assertion that browsing with JavaScript on is “dangerous” and its frequent updates that send you to the developer’s home page, among other things.

So I made YesScript. YesScript is designed to make the web less annoying; it doesn’t make anything more secure. It’s a JavaScript blacklist. The only configuration required is that you click on the icon when you want to turn off a site’s ability to run JavaScript. Click again to turn on. Nice and simple, does what I want.

A month ago, there was a kerfuffle between the developers of Adblock Plus and NoScript. As a result, SomeScript was created based on YesScript’s code to replace NoScript. SomeScript is a JavaScript whitelist, so it’s only a replacement for the blocking JavaScript portion of NoScript, not for the anti-bad stuff filters.

So, history lesson over. I’m glad that YesScript was used to create SomeScript. The developer had some kind words describing my code, too, like “clear”, “easy to read”, and “simple”. I’m going to stick with YesScript, but if you’re interested in a reverse-YesScript without all the additional baggage of NoScript, I recommend giving SomeScript a try.

I would actually be interested in a simplified extension that implemented the anti-bad stuff portion of NoScript. Something that would block common attack vectors automatically, without requiring configuration, and without breaking sites. I imagine this would be much more difficult.

This entry was posted Wednesday, May 27th, 2009 at 9:29 pm and is filed under Mozilla, yesscript. You can leave a response, or trackback from your own site.

3 Responses to “Introducing SomeScript”

  1. Tung Nguyen Says:
    May 27th, 2009 at 11:56 pm

    Hi, YesScript forking dude here.

    The major (lol) changes for blocking JavaScript by default were:

    Add “somescript” to capability.policy.policynames.
    capability.policy.default.javascript.enabled = “noAccess”
    capability.policy.somescript.javascript.enabled = “allAccess”
    capability.policy.somescript.sites = “http://www.example.com”

    Unfortunately, this breaks Facebook, even when Facebook is whitelisted. I don’t like the idea of adding an option to YesScript that breaks something as large as Facebook.

    If I find out how to fix it, I’ll let you know. If you find out how to fix it, please let me know. :)

  2. Maxim Says:
    May 30th, 2009 at 2:22 pm

    Jason, YesScript is not compatible with Firefox 3.5. Can you change the compatibility info?

  3. Tobu Says:
    August 12th, 2009 at 10:34 pm

    Now that SomeScript is over, here is a rec for Request Policy.

Leave a Reply

Adventures in development – Web standards and Firefox extensions