Block scripts in Firefox

Block scripts in Firefox

The Internet is full of threats like
cross-site scripting attacks and clickjacking. A lot of these attacks work by injecting scripts
in web pages that you don’t even know are there. You can give yourself a modicum more protection
by running a Firefox plug-in called NoScript. NoScript blocks all scripts from
running until you authorize them. Go to
and search for NoScript. Intsall it like you would any add-on. Once you have it installed,
look in the bottom right corner at the little S with the cross-out symbol. Clicking on it brings up a sub-menu
that allows you to choose how to handle scripts on the page you’re at. The safest way to go is not
to allow any scripts. You’ll never fall victim
to code that doesn’t run. But some sites won’t work without scripts so… They next safest thing is to Temporarily
allow only the scripts you need and or trust. A lazier and slightly less safe method
is to temporarily allow all on a page. The next more convenient level,
but also next less safe is to permanently allow scripts either
individually or all for a page. This becomes necessary for things like
your Bank’s website or Google Docs where you don’t want to constantly allow
scripts every time you launch your browser. If you permanently allow scripts from a
site, you’re putting your trust in that site that it will never allow itself to
be infected by a malicious script. The worst thing you can do is
globally allow all scripts. You might as well not run
NoScript at that point. If you have allowed a script on a page
and you change your mind about it, you can always choose forbid,
to start blocking it again. Running noScript means you’re going to have to
do a bit more thinking about pages you surf to. It was enlightening when I first started
running NoScript which of my banks and utilities worked just fine without
scripts and which became disabled. If nothing else, NoScript gives you more control over what risks you expose
yourself to on the Net. I’m Tom Merritt,

35 thoughts on “Block scripts in Firefox

  1. I hope that this will allow me to be able to view sights without out having my browser crash or stick because of a Java error.  Thank you.

  2. That is exactly how i use this program. Between global permission and no script, -when I wanna get rid of something like a pay wall.

  3. @bluephreakr
     Useless. NoScript blocks flash automatically so you don't allow the scripts that rely on Flash.
    Next time, watch the video more closely 1:00

  4. Before using NoScript I constantly was getting malware or viruses, especially from sites like Google Images or even HuffingtonPost (which is laden with tons of scripts).  This malware was always installing a fake anti-virus on my pc and hijacked it preventing me from doing anything.  Luckily I was get control back by using Windows restore from safe mode then scanning using a good trusted anti-malware tool to get rid of it.  Now this never happens with NoScript.  It is a bit of a hassle at first to use to always have to "allow" a page to load, but better than the alternative.  It also causes Firefox to take forever to initially startup, again just a minor trade-off.

  5. ive had this computer for two weeks, and i had a mac before this, so i didnt know about how much more vulnerable windows was to viruses and malware. because of this, i got several trojans and all sorts of malware. bascially, SUPERantispyware and malware bytes saved my life. so, to be safe, i downloaded this about a day ago, i havent gotten any malware or anything. its annoying at first (because you have to enable everything on the websites you always go on) but after a while it works amazingly. thanks to the people who made this, and if you dont have this installed, please do 🙂

  6. After i installed this it seems to make my streaming waaay faster, It takes alot less time to buffer. Greeat addon! should be in core browser!

  7. This is too time consuming. I stopped using firefox yesterday and I don't have these problems anymore.

  8. It would be nice to have something like a "meter" or "progress bar" (not sure what that thing is called that shows where in a video player 'now' is) to show a progression of permitted scripts can show.  First would be the least dangerous – through – Last as the most dangerous/Global.  Just a thought.  The "list" is not very helpful even if it is the most descriptive of what is happening.

  9. once used for the first time you wouldn't believe the amount of third party pish that would easily tear your browser and device a new digital A-hole… highly recommended for those who wish to remain reasonably secure while browsing the web.

  10. Assuming you only visit reputable & directly trustworthy sites, scripts are run to provide the page owner to perform convenient functions on a webpage.  Some of them will be purely for your benefit, others will be for the owners benefit or convenience (including fancy or intrusive ads), and rarely, others will be infections of the webpage by aggressive or criminal organizations.  The first are the only ones that most folk want and that is the benefit of NoScript. A trustworthy AND competent site programmer will only use scripts that have been well vetted, and some of those might be 3rd party. (A thoughtful programmer (very rare) will also let you know what these scripts are for.) 
      The problem with users (we visitors) is that we each have our own preferences / tolerance for advertising, convenience vs privacy and safety. (How much do like your 'Big Brother' reading your diary.)
      The problems with NS are that it does not make it easy to manage the permissions that we must assign to the various websites and script domains that we encounter continuously as we browse the web.  ("Allow all" (but not ONLY) from this site.)  It is easier than it used to be, and there are more 'reputation research' tools, but there is no good user guide to how we should research & manage those permissions.  I hope NS will improve these issues.
    Even supposedly trustworthy sites often, lazily allow their sites to run unvetted 3rd party scripts, and many ads run unvetted or intentionally malicious 3rd party scripts, but the ads themselves on any site are best controlled separately by AdBlockPlus.

  11. It's one of the best add-ons in my opinion.  Used it forever.  It really gets you use to what script names are and what they generally do.  It also helps you identify potentially dangerous sites based on the scripts it runs.  As Filippos stated AdBlock Plus and noscript together=powerful defense.

  12. 1:43 Not true, the XSS and ABE protection should still be in effect even with the setting Allow all globally, so it is still worth running.

  13. No scripts needs something.  When you get to a link and nothing happens – there's no  indication on the LONG list of stuff that is blocked that tells you which one to allow to make the link work.  So, in order to not stay at a non-working link all day experimenting with each scrip permission, I just use the 'temp allow all script' choice, but that seems to defeat the purpose of no script in the first place.

  14. You know, I added this add-on but wholy-hell- What good is it to visit a website and you've got to research 10+ scripts?? How can this be more efficient?

  15. Ce serait bien d'avoir l'information en Français aussi ! Dommage pour ceux qui ne comprennent pas l'anglais! 🙁

  16. Short informative video, good quality, friendly and easy to understand for non native english speakers. Thumbs up!

Leave a Reply

Your email address will not be published. Required fields are marked *