How to manage website scripts using browser addons

Script blocker browser addons (sometimes referred to as ‘browser extensions’) are very handy browser tools that provide another level of browser assurance and protection in addition to your antivirus and firewall apps. The major benefit is that these blockers stop third-party content (scripts) before they load into the browser i.e. cross site scripting (XSS); clickjacking and stop websites from tracking your surfing behaviour.They do however require some user input (from time to time) and some understanding of what scripts you should allow/disallow.

Scripts allow websites to function and JavaScript in particular helps make sites interactive. Here are some useful methods for controlling scripts including JavaScript when visiting websites you might not trust when using Firefox, Chrome, Internet Explorer and Safari:

Mozilla Firefox – for added browser security I like to use NoScript.This addon allows you to control JavaScript, iFrames and plugins. The NoScript addon also provides WebGL blocking support when Javascript is not allowed. You will need to check “”NoScript Options|Embedding|Forbid WebGL”, and allowed per-site by clicking on a placeholder of the blocked canvas or by using the “Blocked objects…” menu. It’s not for novices I’m afraid but if you are prepared to learn, it will be worth your time.

Google Chrome – When using Chrome (which I use a lot of nowadays) I like to use the NotScripts extension. It’s similar to NoScript (above) in that it allows you to control JavaScript, iFrames and plugins. This extension requires a password which requires the user to browse to the NotScripts Password .js file, which for some might be a little daunting. Rest assured it is easy once you follow the simple instructions.

Internet Explorer 8/9/10 – IE doesn’t use script blocking addons/extensions but IE does indeed use what Microsoft calls ‘InPrivate Browsing mode’ (a basic sandbox compared to Sandboxie) and you could always make sure Data Execution Prevention (DEP) is enabled. TIP: ActiveX is only applicable to Internet Explorer, but you go to ‘Tools’; ‘Internet Options’; ‘Security’; ‘Custom level’; ‘Security Settings’ in the ‘Internet Zone’ to check/block ActiveX, Java Applets and Scripting, but I’ve not found it very user friendly (too many annoying prompts for my liking). I’d suggest you use the FREE Sandboxie virtual browser in this instance.

Apple Safari 5JavaScript Blacklist (public domain code) is a simple extension for Safari 5 (only) which blacklists scripts from a configurable list of domains. You can manage website scripts by adding websites to the blacklist. This extension isn’t comparable to NoScript or NotScripts and requires some of your valuable time in entering each blaclisted URL. However it does provide some level of website browsing reassurance. Update Feb 2nd 2012: I’ve also recently discovered an extension called Javascript Blocker which appears to work in a similar way to NoScript and NotScripts. I’ve installed the extension and it does appear to do a great job of blocking scripts. 🙂

If my readers find any new addons/extensions or useful utilities for managing browser scripts, then drop me a line. Would be great to hear from you!

Safe surfing folks!


This entry was posted in browser, google and tagged , . Bookmark the permalink.

2 Responses to How to manage website scripts using browser addons

  1. Pingback: How to manage website scripts using browser addons | Events | IT Security Magazine - Hakin9

  2. Pingback: How to manage website scripts using browser addons | PS3 Festplatte

Leave a Reply

Your email address will not be published. Required fields are marked *