NoScript’s unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality…
When you browse a site containing blocked scripts aÂ notification, similar to those issued by popup blocker, is shown.
Look at it or at the statusbar icon to know current NoScript permissions:
- this means that scripts and plugin contents are blocked for the current site and its subframes. Even if some of the 3rd party script sources imported by the pageÂ may be in your whitelist, no code could run because the hosting documents are not enabled.
- this means the top level site is still forbidden but some active subcontent pieces (either frames or plugin objects) are allowed: some code may be running, but the page is likely not to work correctly yet because its main script source is still blocked.
- this means scripts are allowed for the top-level (main) document, but some other active content or script sources imported by this page are not allowed yet. This happens when there are multiple frames, or script elements linking code hosted on 3rd party hosts.
- this means that all the script sources for the page are allowed but some embedded content (frames or plugin objects) is blocked. You can check and allow the blocked content either by looking for yellow visual placeholders in the page or by examining theÂ Blocked Objects sub-menu.
- – this means that scripts are allowed for some URLs, and all the other ones areÂ marked as untrusted.
- – this means that script execution is allowed for the current site
- – this means that scripts are globally allowed (why did you decide to browse with low protection??!)