Skip to content

Noscript has iframe protection

For those of you that read my blog you’ll know that I’m not a big fan of iframes for various reasons. I wrote a Javascript/CSS scanner which uses them to scan a local area network. There was no easy way to actually prevent this stuff until now….noscript now has iframe protection which is fantastic news, Giorgio kindly added the feature on my request and I’m really impressed with the speed he implemented it because I only mentioned it yesterday!

So what are you waiting for? Protect your LAN information now and download the plugin!

Update…

Thanks to Om for starting the thread on slackers and supporting the idea, this will make a big difference to Firefox security.

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Slashdot
  • StumbleUpon

Comments 11

  1. Bipin 3~ Upadhyay wrote:

    Yup!
    …and it feels good to be a part of something good :)

    Posted 12 Sep 2007 at 1:00 pm
  2. Gareth Heyes wrote:

    Yep nice one for starting the thread :)

    It was a interesting discussion :D

    Posted 12 Sep 2007 at 1:19 pm
  3. Gareth Heyes wrote:

    I thought I’d give you a bit of credit as well ;)

    Posted 12 Sep 2007 at 1:30 pm
  4. Bipin 3~ Upadhyay wrote:

    Thanks for the “bit of credit” :P, but it doesn’t really matter. What matters is to be in touch with guys like you. I hope to be more active on Slackers. :)

    The funny part is that I’d decided to post the thread right after Bank Of India hack but couldn’t.
    However, after reading your post I realized that this is the right time. So of course, (if the credit matters) you should get the bigger chunk. :D
    Most importantly, let’s hope to see the issues (almost) killed with introduction of Content Restriction.

    Posted 12 Sep 2007 at 3:02 pm
  5. Gareth Heyes wrote:

    I hope that Content Restriction will end this madness but doubt it. The trouble is that often when specs are decided they get too complicated and holes get introduced, I hope this doesn’t happen. Simplicity often leads to better security.

    Posted 12 Sep 2007 at 3:14 pm
  6. Tom Macklin wrote:

    Yeah, simplicity leads to security…

    So, could you put include a feature in noscript that allows me to block most iframes, but allow ones that come from sites that are in my trusted sites list or that have a certificate that has been signed by…

    Posted 12 Sep 2007 at 3:28 pm
  7. Gareth Heyes wrote:

    Tom, Giorgio has already added that to noscript, there is even an option to block iframes from trusted sites. Just for the record I’ve nothing to do with noscript I just like it and made a suggestion.

    Posted 12 Sep 2007 at 4:00 pm
  8. Bipin 3~ Upadhyay wrote:

    @Gareth:
    Your comment reminds me of a line from Michael Zalewski’s “Silence on the Wire”:
    “The path to simplicity often leads through a seemingly needless level of complexity…”

    Although the context is different, the idea is crisp and clear: KISS :)

    I need help regarding certain issues. Will send you a mail. Thanks in advance. :)

    Posted 12 Sep 2007 at 5:31 pm
  9. Tom Macklin wrote:

    sorry… bad attempt at a joke. I was trying to point out what happens to secure apps when people start using them…

    Posted 12 Sep 2007 at 5:55 pm
  10. Gareth Heyes wrote:

    Sorry Tom it’s hard to tell when people are joking on comments :)

    Posted 12 Sep 2007 at 10:33 pm
  11. Gareth Heyes wrote:

    Om of course I’ll help ask away mate!

    Posted 12 Sep 2007 at 10:34 pm

Post a Comment

Your email is never published nor shared. Required fields are marked *

Comment spam protected by SpamBam