It looks like you patched the "privileged" Mozilla sites in #25836 (moved) and #26114 (moved). However, NoScript 10 has a hardcoded internal list of domains which it considers "privileged". Try grepping for isRestricted.
Do you ship a custom NoScript in TB 8?
No, we don't ship a custom NoScript. In which way does NoScript's behavior vary for restricted (not privileged) domains? What is the bug here?
Currently there seem to be 2 places where this affects NS behaviour. The most interesting is in popup.js:
{{{
await include("/lib/restricted.js");
let isRestricted = isRestrictedURL(tab.url);
if (!isHttp || isRestricted) {
  showMessage("warning", _("privilegedPage"));
  let tempTrust = document.getElementById("temp-trust-page");
  tempTrust.disabled = true;
  return;
}
}}}
restricted (not privileged) domains
Huh? Perhaps you meant "not privileged from the point of view of TB", but surely you can see the point here: even if TB doesn't consider them privileged, NS is still behaving as if running on Firefox, and doesn't ask the browser; it simply looks them up in a list of hardcoded domains. So maybe now the variance is not very troubling, but what about tomorrow?
Also, calling the domain "restricted" instead of privileged is exactly backwards: it is not the site that is restricted, but NoScript!
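
An added illustration of the concern raised in this thread, not NoScript's or Tor Browser's code: it compares a domain list compiled into an extension with the list the browser actually enforces and reports the pages where the two verdicts differ. The domain lists, the function names and the exact-host matching rule are assumptions made for the example.

```javascript
// Added example; every name here is hypothetical, not NoScript's or Tor Browser's code.

// Constructed sample: a domain list compiled into the extension.
const HARDCODED_RESTRICTED = ["addons.mozilla.org", "accounts.firefox.com"];

// Assumption: a domain is matched by exact host name only.
// Returns the lowercased host for http(s) URLs, null for anything else.
function hostOf(url) {
  try {
    const u = new URL(url);
    return /^https?:$/.test(u.protocol) ? u.hostname.toLowerCase() : null;
  } catch (e) {
    return null; // unparsable input is treated like a non-HTTP page
  }
}

// Mirrors the popup condition `!isHttp || isRestricted`: true means the
// extension disables its own controls on this page.
function extensionBacksOff(url, hardcoded) {
  const host = hostOf(url);
  return host === null || hardcoded.includes(host);
}

// What the browser itself enforces, given the list it is configured with.
function browserRestricts(url, browserList) {
  const host = hostOf(url);
  return host !== null && browserList.includes(host);
}

// Report HTTP(S) URLs where the extension's verdict and the browser's differ.
function findDrift(urls, hardcoded, browserList) {
  const drift = [];
  for (const url of urls) {
    if (hostOf(url) === null) continue; // non-HTTP pages are out of scope
    const ext = extensionBacksOff(url, hardcoded);
    const brw = browserRestricts(url, browserList);
    if (ext !== brw) drift.push({ url, extension: ext, browser: brw });
  }
  return drift;
}

// Constructed input: a browser patched to treat no site as privileged.
const SAMPLE_URLS = [
  "https://addons.mozilla.org/en-US/firefox/",
  "https://example.com/",
  "about:preferences",
];
console.log(findDrift(SAMPLE_URLS, HARDCODED_RESTRICTED, []));
```

An empty result means the compiled-in list and the browser's list agree for every URL checked; any entry is a page where the extension backs off although the browser does not restrict it, or the reverse.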