How can I implement a javascript whitelist without using add-ons?
From the link below
http://kb.mozillazine.org/Allowing_only_certain_sites_to_use_JavaScript
We know that we can use Configurable Security Policies (CAPS) to implement a javascript whitelist. But after version 28, CAPS is removed from firefox. Therefore, we lost a built-in javascript whitelist feature.
Who knows some solutions or workarounds? ( Please note that DO NOT USE ANY ADD-ONS OR PLUGINS! )
All Replies (2)
I'm not aware of any way to do that from within Firefox.
Why wouldn't you use the NoScript extension (older version compatible with Firefx 52)?
In fact, we can use the old technique proxy auto-config (PAC) to implement most external javascript whitelist feature (Certainly, this method is not so elegant) . But for inline scripts, I haven't found a good solution.
By the way, the built-in javascript whitelist/blacklist is a standard feature for nearly all major web browsers such as Google Chrome, Opera, Konqueror and even Internet Explorer. Why is Firefox an exception?