Regular readers know that I would make the switch from Firefox to either Google Chrome or Opera if those web browsers would support NoScript functionality and Last Pass.
NoScript is a security add-on for Firefox that blocks scripts from being loaded when the website loads. While that means more work on your part to enable scripts selectively when needed, it blocks many attack forms on the Internet outright.
LastPass is an online password manager on the other hand.
So far only Last Pass has made its way to the Google Chrome browser. Daxpit, a reader of my blog, recently mentioned that the BlockIt userscript offers NoScript like functionality when run in Opera.
A userscript in Opera is an external script that can be loaded in the web browser. Much like add-ons but more complicated to setup in my opinion.
BlockIt is compatible with the latest versions of Opera up to Opera 10.50 which is the version I have tested the script on.
It displays a small icon in the lower right corner of the screen. A click on that icon displays a menu that shows the scripts on the page, the number of scripts that have been blocked, a pulldown menu listing all script names, and controls to unblock scripts on the page.
All scripts that are executed normally on the page are disabled by default just like they are in NoScript.
BlockIt divides the elements on the page into categories like scripts, images or embeds with the option to unblock those elements individually or completely. This is one of the differences between both scripts. NoScript ignores images as they are not scripts whereas BlockIt blocks them as well in the beginning.
The following controls are available:
BlockIt remembers the configuration changes made by the user so that elements that have been unblocked remain unblocked in future sessions. The information are stored in cookies which means that cookies need to be enabled for the settings to be saved by the script.
BlockIt is a great NoScript alternative for the Opera web browser. This ties the score between Google Chrome (which got Last Pass) and Opera (which got NoScript).
BlockIt can be downloaded from the forum page over at the Opera forum where the developer announced the script.
Update: The switch to Chromium brought many changes to the Opera web browser. One of them was a reset of the Opera forum taking all old posts with it. This means that BlockIt is no longer available. Even if it would be, it would no longer be compatible with recent versions of Opera.
You may want to check out the NotScripts extension for the new Opera browser which offers similar functionality.
Please click on the following link to open the newsletter signup page: Ghacks Newsletter Sign up
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.
Thanks for this mention Martin. I’m not aware about the reason of your insisting on a password manager but perhaps Opera’s Wand in connection with a neat password-recovery tool could account for that.
LINK: http://operawiki.info/PowerButtons#retrievewand
HTH :-)
Dapxin, not dapxit :) blockit not noscript :p . Opera, not …..
Thanks, Martin. Going to keep an eye on this, may well make the switch sometime soon.
Thx for the tip! BTW Lastpass is so much better than opera built in wand!!
Without NoScript couldn’t you just run your browser sandboxed?
Errm, In Opera, F11, Enable/Disable Javascript….
Mark but that disables it globally. BlockIt can disable all and enable them selectively.
So does Opera, using site preferences…
The blockit Unite App has been updated. Works much better now!
http://files.myopera.com/shoust/files/blockItUnite.ua
And it does not need cookies to function.
Why are you not using Operas built in “NoScript” functionality? Go into Tools> Preferences > Advanced > Content > and uncheck JavaScript. Then visit any page, and RIGHT CLICK the page and select “EDIT SITE PREFERENCES” You can turn JavaScript on per site already!!!! Its been built into Opera for YEARS. This is one of the main reasons I have always used Opera, because of its security and functionality. No need for “NoScript” add-ons. Its had it out of the box since the beginning!
And when something doesn’t load or work properly, using this method, its usually because the script is in an iframe from a 3rd party site, or linked via src to a 3rd party site. Just use the Opera info sidebar to look for iframes and visit them to do the same enable functionality.
No need for updates to use an add-on or having to worry about bloated 3rd party tools that could potentially lead to a vulnerability in the main browser itself at some point.
(note: when editing site preferences, take the www. out of the url before clicking ok. This usually helps ensure it works across all sub domains of the same site ex:bob.somesite.com vs http://www.somesite.com. otherwise, you have to do it per subdomain)
This has been built into Opera for YEARS. This is one of the main reasons I have always used Opera, because of its security and functionality. No need for “NoScript” add-ons. Its had it out of the box since the beginning!
Why are you not using Opera’s built in “NoScript” functionality? Go into Tools> Preferences > Advanced > Content > and uncheck JavaScript.
Then visit any page, and RIGHT CLICK the page and select “EDIT SITE PREFERENCES” You can turn JavaScript on per site already(as well as plugins, so flash can be blocked as well per site)!!!!
And when something doesn’t load or work properly, using this method, its usually because the script is in an iframe from a 3rd party site, or linked via src to a 3rd party site. Just use the Opera info sidebar to look for iframes and visit them to do the same enable functionality.
No need for updates to use an add-on or having to worry about bloated 3rd party tools that could potentially lead to a vulnerability in the main browser itself at some point.
(note: when editing site preferences, take the www. out of the url before clicking ok. This usually helps ensure it works across all sub domains of the same site ex:bob.somesite.com vs http://www.somesite.com. otherwise, you have to do it per subdomain)
DigiP,
I have been keen to use Opera, but the lack of NoScript kept frightening me off.
I have implemented your suggestion (turn Javascript off, and enable individual sites that I trust).
I have only been doing that for the last 5 minutes, but so far so good..
Thanks for the ‘heads up’,
Rob
Yeah. Its how I’ve always used Opera. One thing to note though, if the sites use any third party scripts, you have to enable it for those sites as well, or certain parts of the site won’t load. For example, if they use offsite jquery scripts, like from google.
It can be a pain on some sites to find all the third party scripts to make something work, but I feel much safer knowing that they don’t load automatically, and also gives me more insight into where MY information is shared, since loading the third party scripts from offsite also shares my info with those companies in allowing them to run and track my statistics, so its kind of a double edged sword. For the most part, I generally don’t have too many issues though, and rarely have to hunt down the 3rd party scripts.
This is also nice though, because if I don’t use facebook, why do I want its like button tracking me every where I go? Things like Omniture and other web trackers won’t load if the scripts are purely 3rd party and loaded offsite. This also helps with XSS that loads external iframes and javascript, so long as it isn’t persistent XSS code and only called from the other sites, they won’t run.