The majority of websites make connections to other domains when you connect them. Examples are a site that is using Google Analytics for web statistics or Google Adsense for monetization, embeds videos from YouTube, or uses a content distribution network. Sometimes these requests are needed to use all of a site's functionality. Amazon for instance loads contents from images-amazon.com. While it is still possible to use the site, part of the site's functionality is not available until you permit that connection.
RequestPolicy for the Firefox web browser has been designed to put you back in control over the connections the browser makes. It works in this regard similar to the popular NoScript add-on, but with the difference that it does not prevent onsite scripts from running.
When you first install the add-on, you can add sites to the whitelist. The developer has prepared international and location specific lists.
The majority of suggestions allow connections between sites by the same company. Examples are to allow google.com connections when you are on gmail, or fbcdn.net connections when you are on Facebook. These can significantly reduce issues that users encounter after enabling the add-on in the browser. It is however not necessary to add any site combination to the whitelist.
This whitelist approach is different from NoScripts whitelisting approach, as NoScript allows connections from that domain on all websites, whereas RequestPolicy only allows them on one specific site.
RequestPolicy adds an icon to the Firefox status bar that acts as a control panel and indicator at the same time. A red flag indicates that connections have been blocked on a website. A click on the flag displays information about those connections, and options to temporarily or permanently allow those connections to be made on the current site.
The page is automatically reloaded if you allow connections to be made.
The preferences let you manage the whitelist, export or import settings, and modify the strictness of the add-on. The add-on by default uses base domains, e.g. ghacks.net to allow same-site requests. You can change that to full domain names, e.g. www.ghacks.net, or full addresses instead.
What I personally like most about RequestPolicy is the granular whitelisting which allows you to run the same scripts on some sites but not on others (for instance to show Adsense ads on Ghacks, but not on other sites). It is also less intrusive than NoScript if the whitelisting suggestions are added during setup.