Hey guys, I have been seeing a lot of people talking good things about noscript, I have a few questions about it:
- Why isn’t it open source? Is there a open source alternative? To me this kinda feels suspicious, installing an extension that can affect all tabs from outside the Mozzila store, while not even open source…
- How to minimize damage? After briefly trying it on, I couldn’t interact with lemmy anymore, many websites lost their dark mode, youtube wasn’t pausing the video, nor was the like button working…
- Is it really needed? What kind of threat model makes something like that needed? Wouldn’t it be possible to just add other sources for uBlock to block tracking scripts or something?
It is open source and on the Mozilla store, did you get the right one? The idea is that you whitelist the websites you trust so only trusted sites can execute js. A lot of websites have js free alternatives like libreX/Y instead of google. There also is GNU librejs which only disables js that doesn’t show its source code. It being a main component of the tor browser tells you a lot about the threat level it’s for. As I understand it the difference to ublock is that it’s lists are on a “allow all but” basis and noscript is on a “block all but” basis.