1. Technology
Send to a Friend via Email
You can opt-out at any time. Please refer to our privacy policy for contact information.

Discuss in my forum


About.com Rating 5 Star Rating



(Photo © InformAction)

The Bottom Line

NoScript is a Firefox add-on which allows executable content such as JavaScript to run only if it is being hosted on a domain that you trust. This easily configurable extension has been touted as a must have and can protect you from a wide array of security exploits.


  • NoScript proactively distrusts all sites until you choose to allow them, avoiding vulnerabilities.
  • NoScript is one of the only available end user tools that can prevent Cross-Site Scripting attacks.
  • Toggling a site or domain's permissions can be done in one simple click.
  • Specific executable content can be allowed to run on blacklisted sites with your permission.
  • Full executable permissions can be given automatically to sites found in your Bookmarks.


  • In the beginning, you need to play a fairly active role in setting permissions for trusted sites.
  • Very long blacklists have been known to slow the application down a bit.


  • NoScript initially blocks JavaScript, Java, and some other executable content from running in your Firefox browser.
  • A visual and optional audio alert is activated whenever a blocked script is detected.
  • Script permissions can be modified by clicking the NoScript icon, located in your browser's status bar.
  • These permissions settings allow you to permit scripts to run on sites that you trust.
  • A NoScript button can be added to your Firefox toolbar, allowing you to toggle permissions for the site you are viewing.
  • Site Matching feature lets you allow executable content to run at specific addresses, specific domains, and parent domains.
  • Java, Flash, and other plug-ins can also be suppressed on untrusted sites.
  • Most Cross-Site Scripting (XSS) attacks can be prevented with NoScript's Anti-XSS functionality.
  • Keyboard shortcuts can be used to toggle a site's permissions as well as to display the NoScript menu.
  • NoScript is translated into over 30 different languages.

Guide Review - NoScript

With the amount of JavaScript-related vulnerabilities that keep popping up browsing unknown sites can be a dangerous risk, even with the latest virus scan and firewall software running. When it comes to web surfing nowadays, your best bet is to protect yourself as much as possible without compromising too much of the experience. Having the NoScript add-on goes a long way in ensuring the safety of your Firefox browser, especially when navigating uncharted waters. The approach of not trusting anyone until you grant permission may seem somewhat extreme, but it is slowly becoming a necessity with the current browser security climate in regards to executable content. Also, XSS attackers seem to be getting craftier and NoScript is a great client side tool to avoid becoming a victim of this unique scripting method. When you first begin using this extension, it may seem like a pain to set permissions for all of your trusted sites the first time you visit them. However, this minor inconvenience may save you from a good deal of serious trouble down the road. Defend yourself by installing NoScript today.
  1. About.com
  2. Technology
  3. Web Browsers
  4. Add-Ons & Plug-Ins
  5. Windows Reviews
  6. Firefox
  7. NoScript Firefox Extension or Add-on - Firefox Extension or Add-on Review - About Web Browsers

©2014 About.com. All rights reserved.