Allowing only certain sites to use JavaScript: Difference between revisions
m (See also/External links) |
m (Moved "JS must be enabled" note higher) |
||
| Line 17: | Line 17: | ||
''(Naturally, you would replace http://www.example.com and http://www.example.net with sites you wanted to whitelist.)'' | ''(Naturally, you would replace http://www.example.com and http://www.example.net with sites you wanted to whitelist.)'' | ||
Note that you need to have JavaScript enabled when you use these preferences, because disabling it will override these settings. | |||
Similarly, you can create a JavaScript site "blacklist" — that is, allow JavaScript on every site but those you specify. For this behavior, you would add the following lines to user.js: | Similarly, you can create a JavaScript site "blacklist" — that is, allow JavaScript on every site but those you specify. For this behavior, you would add the following lines to user.js: | ||
| Line 25: | Line 27: | ||
These examples were taken from the [http://www.mozilla.org/projects/security/components/ConfigPolicy.html CAPS documentation]. | These examples were taken from the [http://www.mozilla.org/projects/security/components/ConfigPolicy.html CAPS documentation]. | ||
You need to restart your browser after editing user.js, otherwise the changes will not take effect. | You need to restart your browser after editing user.js, otherwise the changes will not take effect. | ||
Revision as of 13:57, 23 August 2005
- This article applies to Firefox and Mozilla Suite
- Note: A user interface for editing a JavaScript-enabled site whitelist exists in the NoScript extension.
If you prefer to keep JavaScript turned off but need it for a few sites, you can configure the browser to use a JavaScript site "whitelist." There is no built-in interface to do this, so you will need to edit user.js. You can also edit about:config, but due to a bug, you will not see the changes you've made (though they will take effect).
In user.js, add the following lines:
user_pref("capability.policy.policynames", "jsok");
user_pref("capability.policy.default.javascript.enabled", "noAccess");
user_pref("capability.policy.jsok.sites", "http://www.example.com");
user_pref("capability.policy.jsok.javascript.enabled", "allAccess");
The line with capability.policy.jsok.sites can have multiple websites separated by spaces, like so:
user_pref("capability.policy.jsok.sites", "http://www.example.com http://www.example.net");
(Naturally, you would replace http://www.example.com and http://www.example.net with sites you wanted to whitelist.)
Note that you need to have JavaScript enabled when you use these preferences, because disabling it will override these settings.
Similarly, you can create a JavaScript site "blacklist" — that is, allow JavaScript on every site but those you specify. For this behavior, you would add the following lines to user.js:
user_pref("capability.policy.policynames", "nojs");
user_pref("capability.policy.nojs.sites", "http://www.example.com http://www.example.net");
user_pref("capability.policy.nojs.javascript.enabled", "noAccess");
These examples were taken from the CAPS documentation.
You need to restart your browser after editing user.js, otherwise the changes will not take effect.
