The Bottom Line
- NoScript proactively distrusts all sites until you choose to allow them, avoiding vulnerabilities.
- NoScript is one of the only available end user tools that can prevent Cross-Site Scripting attacks.
- Toggling a site or domain's permissions can be done in one simple click.
- Specific executable content can be allowed to run on blacklisted sites with your permission.
- Full executable permissions can be given automatically to sites found in your Bookmarks.
- In the beginning, you need to play a fairly active role in setting permissions for trusted sites.
- Very long blacklists have been known to slow the application down a bit.
- A visual and optional audio alert is activated whenever a blocked script is detected.
- Script permissions can be modified by clicking the NoScript icon, located in your browser's status bar.
- These permissions settings allow you to permit scripts to run on sites that you trust.
- A NoScript button can be added to your Firefox toolbar, allowing you to toggle permissions for the site you are viewing.
- Site Matching feature lets you allow executable content to run at specific addresses, specific domains, and parent domains.
- Java, Flash, and other plug-ins can also be suppressed on untrusted sites.
- Most Cross-Site Scripting (XSS) attacks can be prevented with NoScript's Anti-XSS functionality.
- Keyboard shortcuts can be used to toggle a site's permissions as well as to display the NoScript menu.
- NoScript is translated into over 30 different languages.
Guide Review - NoScript