>noscript
>try to use it like it's supposed to be used
>every site i visit is broken unless i manually whitelist every domain
>buy something online
>forget i have noscript
>transaction gets fucked because it required js
>actually lost money
holy fuck how do you use this shit in a sane manner?
Not everyone is a retard like you OP. uMatrix is better though.
>>51400084
>actually lost money
How much of a retard are you? What kind of seriously shitty jewish vendor you bought from?
>>51400084
you're not supposed to keep it on 24/7. just enable it if you feel like you're going to be going into a shady site.
>>51400204
I'm pretty sure OP is just lying. Either a transaction needs javascript or it doesn't. If it needs javascript to function and you have it disabled, then they wouldn't receive anything.
>>51400208
That's pointless though.
A lot of malicious activity comes from legit sites. Newegg gave out malware to some users since one of their ads was fucked. of course ublock probably stops it,but it doesn't stop everything.
https://www.reddit.com/r/buildapcsales/comments/3sva4q/meta_allegedly_newegg_has_been_hacked_and_it_is/
>making purchasers on a browser with literally any third party extensions installed
how much of a fuckup do you have to be to do this
>>51400084
>using autistic extensions like noscript
>expecting websites to function normally
>>51400084
stop making the same thread everyday you ignorant fuck
read the fuquin answers questions
F.A.Q u F.A.G
>>51400280
imgur is a good example. When uploading a picture, you could set it up to run arbitrary scripts on the viewer's machine. There was only one high-profile attack using that technique, but it was a known vulnerability for years.
Shit that never happened. No ad revenue for you OP.
>>51400084
Are you a fucking kangaroo? Allow sites you know and trust.
>>51400492
uploading images to imgur ... well, I guess we've found the problem.
>>51400084
>https://www.reddit.com/r/buildapcsales/comments/3sva4q/meta_allegedly_newegg_has_been_hacked_and_it_is/
why everyday OP, why?
>>51400084
>using noscript when umatrix exists
shiggy diggy
>>51400084
can happen if you try to partially allow the scripts and forget one (ex the one for confirmation).
just write the shop about your problem(that you payed but didnt get a confirmation) they'll send you one and next time
allow all them scripts if you dont know which are needed.
dont be such tinfoil
>>51402104
This.
I manually whitelist or temporarily whitelist things as I go. Many "mainstream" sites are trying to serve scripts from 15 different ad and analytics related websites.
>>51400084
> using only one browser
>>51402104
>>51402181
It is best to use both, uMatrix is superior at general script blocking but is pretty awful on how it handles XSS. Run NoScript with allow scripts globally on so you only get the XSS protection and use uMatrix to block scripts.
>>51400084
It's nobody's fault but your own that you didn't check the website before you tried to start the transaction. If you've using NoScript for more than five minutes you'll know which script to unblock.
You don't
Nice bait on transaction, bo honeslty more and more sites are using <noscript> div and they are serving things without all that jewish spying tracking bullshit. We did it xD
>>51400084
>>actually lost money
What kind of retarded merchant would implement at system that could actually take your money due to the lack of Javascript?
That's fucking retarded.
>>51401434
>Are you a fucking kangaroo?
Topkek.
>>51400227
Problem is when you sent some POST request and the response page needs JS, you enable it, NoScript sends the POST again. Can be a problem if the shop does not handle this correctly.
>>51400084
>buy something online
>forget i have noscript
>transaction gets fucked because it required js
>actually lost money
I'll take things that never happened for 10 jim!
>>51402388
Then they're setting up their system incorrectly.
If they are waiting on a payment and they receive the payment they shouldn't accept another payment on the order.
Even if something fails to display for the user due to the lack of JS, if the payment is processed they shouldn't accept another random payment. That's a bad system.
You're better off getting a third party to handle your payments if you're just going to ham up the payment system.
>mfw I have actually received free things from online orders thanks to no script fucking up the payment part.
>>51400084
>in a sane manner?
This would imply that tinfoil faggots are sane; no, they aren't. That being said, they don't buy anything online.
>>51402452
Another case of shitty merchants making shitty sites.
>>51400084
>how do you use this shit
You don't. Upgrade to uMatrix.
>>51402431
Sure. Just wanted to explain how this *could* happen (never happened to me, every shop system I ordered from handled this correctly)
>>51402431
>it's a bad system to "accidentally" collect more money upon certain errors
Maybe from a buyer's point of view
>>51400084
>have been using noscript for many years now.
>never has broken anything because I made sure to whitelist the domains ahead of time
>adblock actually did more harm to me here than noscript
But in times of annoyance and when a website has over 20 different sub websites to handle bullshit. I just go over to chrome. Doesnt happen often though. But yea, this extension is kinda shit. Not its its use but rather in its ability to make the web much harder to use.
>>51402607
It is bad from the seller's as well.
If your system takes money from a buyer when it shouldn't the first thing they're likely to do is email you. And then probably contact their credit card company to cancel that payment, and then you, as the seller would have a cancelled payment you have to verify. It is more work you will have to do.
>>51402452
Have you ever abused this by ordering more (expensive) stuff from the same site?
Or are you afraid it'll work next time and/or get in trouble for fraud or something?
>>51402246
Do you even know what XSS means, motherfucker? If you have scripts disabled, how can be XSS attacks, motherfucker? uBlock alone is enough.
I fucking hate with all my heart people who fall for Noscript buzzwords
>>51400084
>whitelist site and some needed cdn once
>everything works fine for the rest of your life
OMG SO HARD
>>51400084
You use it for general web browser because your settings with be saved for commonly used domains. Use a backup browser for sensitive stuff.
>>51404153
sauce on that webm ?
>>51404185
No idea. Got it from Krautchan.
>>51400084
>falling for the noscript meme
you should actually just use shit that makes your life easier not harder, and try not to go overboard with the gimmick extensions
I would argue that Ublock, Lastpass, Disconnect are all you need to get a good experience
>>51404153
fucking lel
>>51402246
>pretty awful on how it handles XSS
This makes as much sense (as in none) as saying RequestPolicy is pretty awful at handling XSS. Just set uMatrix to work in default-deny for all 3rd parties -- currently only 3rd-party css/images are allowed by default.
>>51404230
Enjoy your xss, 0-days, and driveby downloads pleb.
>>51400084
If a transaction requires Javascript I'm pretty sure the website will tell you beforehand. At least that was the case when I bought something online with noscript.
>whitelisting every domain
You are just retarded Op.
>>51404682
Just to tamper my own statement, of course XSS can be used to execute really annoying javascript code, like causing a page to become unresponsive, popping alert boxes/windows non-stop, flooding a server with dummy requests, and so on. It's true that NoScript is great to catch these, its usefulness for foiling XSS should not be played down.
But ultimately the goal of a real XSS exploit is to cause your browser to download a payload from some evil server. This is where default-deny acts as your ultimate protection, whether the connection was triggered by an XSS exploit or a compromised ad server.
>>51400084
>when web designers have no grasp on what "transaction" actually means
WEBMASTER WILL ADAPT TO NOSCRIP
THEY MUST
>>51400185
Nigga wat. uMatrix is an unusable piece of shit. NoScript is pretty self explanatory.
>>51406547
>uMatrix is an unusable piece of shit
Red means block and green means allow retard. It's very self explanatory.
>>51400084
are you retarded, or baiting?
NO, you are not using it like it's supposed to be used.
>>51408778
thats how i use it. well, idont whitelist every domain obviously, just the ones needed for functionality
