Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How can I implement a javascript whitelist without using add-ons?

  • 2 replies
  • 1 has this problem
  • 1 view
  • Last reply by barloteli

more options

From the link below

http://kb.mozillazine.org/Allowing_only_certain_sites_to_use_JavaScript

We know that we can use Configurable Security Policies (CAPS) to implement a javascript whitelist. But after version 28, CAPS is removed from firefox. Therefore, we lost a built-in javascript whitelist feature.

Who knows some solutions or workarounds? ( Please note that DO NOT USE ANY ADD-ONS OR PLUGINS! )

From the link below http://kb.mozillazine.org/Allowing_only_certain_sites_to_use_JavaScript We know that we can use Configurable Security Policies (CAPS) to implement a javascript whitelist. But after version 28, CAPS is removed from firefox. Therefore, we lost a built-in javascript whitelist feature. Who knows some solutions or workarounds? ( Please note that DO NOT USE ANY ADD-ONS OR PLUGINS! )

All Replies (2)

more options

I'm not aware of any way to do that from within Firefox.

Why wouldn't you use the NoScript extension (older version compatible with Firefx 52)?

more options

In fact, we can use the old technique proxy auto-config (PAC) to implement most external javascript whitelist feature (Certainly, this method is not so elegant) . But for inline scripts, I haven't found a good solution.

By the way, the built-in javascript whitelist/blacklist is a standard feature for nearly all major web browsers such as Google Chrome, Opera, Konqueror and even Internet Explorer. Why is Firefox an exception?