ScriptSafe for Chrome

Archive
1

Firefox users, do you use NoScript?  Do you also have Chrome installed and are looking for something similar?

Here you go!  -  ScriptSafe

https://www.andryou.com/scriptsafe/

It seems to work similar to NoScript with few extra features, so if you are used to NoScript you shouldn't have any problem with ScriptSafe.

Cheers!

2

ScriptSafe v1.0.9.1 Released.

 

This release includes a countermeasure against phishing attacks, improved panel rendering, more options, and a number of minor updates.

I'm also pleased to announce that ScriptSafe is officially available for the Opera browser! With this, I have updated the documentation to reflect the latest updates to ScriptSafe (revamped panel layout and new features).

My sincere thanks and gratitude to all my users, translators, beta testers, and supporters.

In this release you will find the following updates:

  • v1.0.9.1: 
    <ul style="box-sizing: border-box; margin-top: 0px; margin-bottom: 0px;">
	<li style="box-sizing: border-box;">Added option to block Data URLs (data:text/html) to protect users against<span class="Apple-converted-space">&nbsp;</span><a href="https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/" style="box-sizing: border-box; background-color: transparent; color: rgb(51, 122, 183); text-decoration: none;" target="_blank">new phishing attacks</a><span class="Apple-converted-space">&nbsp;</span>(disabled by default, found in "General Settings")</li>
	<li style="box-sizing: border-box;">Added the ability to set ScriptSafe's interface language (found at the top of the Options page)</li>
	<li style="box-sizing: border-box;">Improved ScriptSafe panel scalability in terms of font size and screen resolution</li>
	<li style="box-sizing: border-box;">Fixed occasional panel loading issue when NOSCRIPT blocking and Ratings are both enabled</li>
	<li style="box-sizing: border-box;">Added option to show or hide the ScriptSafe context (right-click) menu</li>
	<li style="box-sizing: border-box;">Added ability to manually add domains to fingerprint whitelists</li>
	<li style="box-sizing: border-box;">Minor update to the Chinese - Simplified translation</li>
	<li style="box-sizing: border-box;">Updated unwanted content providers list</li>
	<li style="box-sizing: border-box;">Minor optimizations</li>
</ul>
</li>
3

ScriptSafe v1.0.9.0 released.

Happy new year! I hope 2017 is off to a great start for you.
This update brings several improvements, a redesign of the ScriptSafe panel to better accommodate all languages and long domain names, as well as Spanish translation. On the topic of language: I will start working on providing users the ability to control the interface language.
I want to take this opportunity to recommend an excellent Chrome extension by EFF (Electronic Frontier Foundation) which automatically blocks ads and trackers using heuristics, which you can use alongside ScriptSafe: Privacy Badger.
In this release you will find the following updates:
 

  •  
    • v1.0.9.0: 
      	<ul>
		<li>Several improvements have been made to the ScriptSafe panel:
		<ul>
			<li>Changed to a one-column layout to better accommodate all languages and long domain names</li>
			<li>Fixed scrollbar issue where it would sometimes not scroll unless the bar itself was dragged</li>
			<li>Allows users to open several domains' ratings without having to reopen the panel each time</li>
			<li>Resolved issue with unscrollable long lists in other Chrome-based browsers</li>
			<li>Improved ability to access the Options, Refresh, Close buttons</li>
			<li>Domain control buttons are now all consistently displayed</li>
		</ul>
		</li>
		<li>Added the ability to Block WebVR Enumeration (under Fingerprint Protection, option is disabled by default so feel free to enable it)</li>
		<li>Added ScriptSafe options to the right-click context menu (useful for popup windows with no controls)</li>
		<li>Fixed uncleared icon counter when there are blocked items for a tab and then ScriptSafe is disabled</li>
		<li>Improved Google Analytics (UTM) Tracking Removal to also strip out the utm_name parameter</li>
		<li>Added Spanish locale (thank you Enrique Arróniz Ramos!)</li>
		<li>Updated unwanted content providers list</li>
		<li>Minor update to Swedish locale</li>
		<li>Minor code optimizations</li>
	</ul>
	</li>
</ul>
</li>
4

Thanks K for your helpful tips and thanks bjm_ as well. I might give it a try, and as K says "If you find you don't like it you can always click the trash can icon."

Cheers.

5

Due to the nature of this extension, this will break most sites!
It is designed to learn over time with sites that you allow.

https://www.andryou.com/scriptsafe/

I run ScriptSafe with Adguard AdBlocker extension.

6

Hi Rainbow_2,

Yep, you can use both together.  I was using ABP with ScriptSafe and am still using uBO and ScriptSafe together.

Be aware though that ScriptSafe takes a bit of work and it will break websites.  It's not for the faint of heart and does have a learning curve.

That said, If I'm right I think you manage JavaScript with Chrome already don't you?  If that's the case then you shouldn't have too many issues with ScriptSafe but you may have to allow JavaScript globally in Chrome and let ScriptSafe manage that instead.

I hope that helps and doesn't scare you off.  Once you get used to how it works you'll work out how to use it.  Maybe just leave it in its default state for a while before you tweak it too much.  If you find you don't like it you can always click the trash can icon.  wink

If you have any questions I'll try my best to answer them.

Cheers,
K.

7

I have Adblock Plus enabled in Chrome since long and I'm happy with it.  

Can ScriptSafe be enabled as well without any conflicts between the two?  Is anyone already using them both?

Thanks.

8

Updated to v1.0.8.5! (Friday, December 23, 2016)

v1.0.8.5:

  • Resolved issue where blocked items were sometimes not being listed in the panel
  • Added the ability to selectively disable Fingerprint Protection on a per-domain, per-option basis
  • Added more control over Referrer Spoofing (thanks AykutCevik)
  • Improved Audio Fingerprint Protection to block AudioContext and webkitAudioContext
  • Improved Block Device Enumeration to block mediaDevices.enumerateDevices()
  • Made Battery Fingerprint Blocking more compatible with sites (thanks TjWallas)
  • Included translations for 13 new languages: Chinese - Simplified, Chinese - Traditional, Czech, Dutch, French, German, Hungarian, Italian, Korean, Latvian, Romanian, Russian, and Swedish (thanks to all translators listed at the bottom of this page)
  • Improved syncing of existing rules if upgrading from a pre-v1.0.7.0 instance
  • Added a reload icon to the panel
  • Updated unwanted content providers list
  • Updated available Operating System and Browsers for User Agent spoofing
  • Resolved minor issue with Referrer Spoof and User-Agent Spoof options display
  • ScriptSafe is now released under the GNU GPLv3 license
9
frugalfreak:  no way to temporary disable scriptsafe.

try Temporary http://s13.postimg.org/yqaa7yo87/screenshot.png
The Temp. button allows you to temporarily allow/block a domain for the current browsing session. These allowances/blockages will be forgotten when you exit your browser.
try Options http://s13.postimg.org/qi8cmywbr/screenshot.png
Documentation > https://www.andryou.com/scriptsafe/

I don't want to just allow a website, I want to disable on a particular website or several.

try Whitelist / Blacklist http://s13.postimg.org/b88hfs0tj/screenshot.png

10

no way to temporary disable scriptsafe. I don’t want to just allow a website, I want to disable on a particular website or several.

11
Krusty13:

...do you use NoScript?

Speaking of which, Krusty13, do you know why it's been stuck on v 2.9.0.11 for like the past two months or so?

12

ScriptSafe v1.0.8.0

13

ScriptSafe v1.0.8.0
 

  • Revamped the design of this page and the Options page: wider layout, larger/more readable words, and intuitive buttons. On the new Options page you are able to toggle between Grouped and List views by clicking on the button in the top-right corner.
  • Added a new Fingerprinting Protection section with the following options (all disabled by default):
    • Canvas Fingerprint Protection - protect against fingerprinting attempts through <canvas> elements, with the following options:
      • Disabled
      • Blank Readout (serve an empty canvas with the original dimensions)
      • Random Readout (serve an empty canvas with random dimensions)
      • Completely Block Readout (refuse to serve any data)
    • Block Audio Fingerprinting - prevent fingerprinting via the AudioContext API
    • Block WebGL Fingerprinting - prevent fingerprinting via the WebGL API
    • Block Battery Fingerprinting - prevent fingerprinting via the Battery API
    • Block Device Enumeration - prevent having hardware devices detected via the WebRTC API
    • Block Gamepad Enumeration - prevent having hardware devices detected via the Gamepad API
    • Block Canvas Font Access - prevent system fonts from being enumerated through <canvas> elements
    • Block Client Rectangles Fingerprinting - prevent fingerprinting through calculating element client rectangles)
    • Reduce Keyboard Fingerprinting (for advanced users) - make keypress timings more random to increase anonymity (note: adds a random delay between keypresses))
    • I recommend enabling all of the above options (except the last two) for increased privacy, and based on your needs disable the options that interfere with your usage.
  • Added Remove Google Analytics (UTM) Tracking option (under Privacy Settings) - remove Google Analytics (UTM) tracking tokens before they're actually passed to the server (disabled by default)
  • Added Remove Possible Hash Tracking option (under Privacy Settings) - remove possible tracking tokens passed using hash, where there is an attribute and value (e.g. #xtor=RSS-1) (disabled by default)
  • Added Spoof Timezone option (under Privacy Settings) - spoof or randomize your timezone; useful if you use VPN (disabled by default)
  • Added Prevent Clipboard Interference option (under Behavior Settings) - prevent pages from interfering with clipboard actions (disabled by default)
  • Added option to apply user-agent spoofing on whitelisted domains as well (default behaviour is to disable spoofing on whitelisted domains to avoid issues, but enabling this option will spoof the user-agent regardless)
  • Added Save as Text File functionality to the Export Settings portion in the Options page
  • Fix Panel expand issue for Mac OS X users
  • Updated unwanted content providers list
  • Created a beta testing signup form. If you sign up to become a beta tester, you will be emailed when there is a new version ready to be tested before being pushed to the Chrome Web Store. Sign up to be a beta tester!
  • I now have a Bitcoin address due to inquiries from people wary of PayPal but wanted to still donate!
    • 39VJ5L9Yd6WocG6r88uE7ZZnM5J2M5bW92
      (also found at the top of this and the Options page)
14

I had to disable Battery Fingerprinting to get youtube videos to play.  sad

15

We'll try ScriptSafe as alternate to ScriptBlock
Thanks