Mozilla VPN is currently experiencing an outage. Our team is actively working to resolve the issue. Please check the status page for real-time updates. Thank you for your patience.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How can I implement a javascript whitelist without using add-ons?

  • 2 replies
  • 1 has this problem
  • 1 view
  • Last reply by barloteli

more options

From the link below

http://kb.mozillazine.org/Allowing_only_certain_sites_to_use_JavaScript

We know that we can use Configurable Security Policies (CAPS) to implement a javascript whitelist. But after version 28, CAPS is removed from firefox. Therefore, we lost a built-in javascript whitelist feature.

Who knows some solutions or workarounds? ( Please note that DO NOT USE ANY ADD-ONS OR PLUGINS! )

From the link below http://kb.mozillazine.org/Allowing_only_certain_sites_to_use_JavaScript We know that we can use Configurable Security Policies (CAPS) to implement a javascript whitelist. But after version 28, CAPS is removed from firefox. Therefore, we lost a built-in javascript whitelist feature. Who knows some solutions or workarounds? ( Please note that DO NOT USE ANY ADD-ONS OR PLUGINS! )

All Replies (2)

more options

I'm not aware of any way to do that from within Firefox.

Why wouldn't you use the NoScript extension (older version compatible with Firefx 52)?

more options

In fact, we can use the old technique proxy auto-config (PAC) to implement most external javascript whitelist feature (Certainly, this method is not so elegant) . But for inline scripts, I haven't found a good solution.

By the way, the built-in javascript whitelist/blacklist is a standard feature for nearly all major web browsers such as Google Chrome, Opera, Konqueror and even Internet Explorer. Why is Firefox an exception?