0NoScriptのロゴサイトの壊滅多くなくても、ブラウザのセキュリティを向上させる

私はいつも人々が、Internet Explorerに代わるブラウザをインストールすることをお勧めします. Per­son­ally I prefer 火狐 to the oth­er altern­at­ives (クロム, オペラ, サファリ) 私が見つけるように提供する上でアドオンの膨大な数はそれに難攻不落の優位性を与える. I’ve recently exper­i­mented with the NoScriptの アドオン, which enhances secur­ity by block­ing act­ive objects and scripts unless expli­citly approved. How­ever I found that I was forever hav­ing to grant per­mis­sion to every site I vis­ited for it to work correctly.

The main reas­on I wanted NoScript was to pre­vent XSS exploits, but I did­n’t want genu­ine loc­al scripts blocked. This can be achieved with NoScript by open­ing its options, tick­ing “tem­por­ar­ily allow top-level sites by default” and choos­ing “Base 2ND level Domains (noscript.net)」. This should sub­stan­tially reduce how fre­quently you need to grant a site permissions.

I’m sure some people will try to preach that this isn’t ‘prop­erly’ secure, but for most users if they have to choose between remov­ing NoScript, or hav­ing it in its default con­fig­ur­a­tion, the major­ity will choose to go without it. Using it in this con­fig­ur­a­tion will block XSS exploits and offer sig­ni­fic­antly improved secur­ity without much com­prom­ise to ease of browsing.

Leave a Reply