NotScript Brings NoScript Functionality To Google Chrome

Martin Brinkmann
Aug 18, 2010
Updated • Aug 12, 2018
Google Chrome, Google Chrome extensions

Update: NotScript is no longer available. You can use ScriptBlock or uMatrix instead. You can check out our Firefox review of uMatrix which offers identical functionality to the Chrome version. The following review is kept on the site for archiving purposes. End

Up until now it was not possible to port the popular Firefox script blocking extension NoScript to Google Chrome.

Restrictions of the browser made it impossible to block elements before they were loaded, which obviously did not work out well for a security add-on that needed to block the scripts before they were loaded.

The developer of the NotScript extension for Chrome explains recent changes made to the browser that made the extension possible:

NotScripts uses a unique and novel method to provide this "NoScript" like functionality in Google Chrome that was not previously possible. It introduces a break through technique of intelligent HTML5 storage caching to over come the limitations in Google Chrome that prevented an extension like this from being made before. NotScripts blocks third-party content BEFORE they load and it does this while also having a whitelist. This is one of the key extensions that many people have been waiting for since Google Chrome came out.

The installation of the script requires the user to set a password in the Chrome profile folder, by manually editing the file CHANGE__PASSWORD__HERE.js. This may turn away many users who would probably like to use the add-on, and the developer should consider another way to set that password.


A NotScripts password is required to be set for the initial use on a computer or if NotScripts was updated. The password is used to protect your privacy by preventing web sites from viewing the NotScripts whitelist caches. Due to technical limitations, you are required to open a file to set the password.

Once that is done NotScript will start to function similar to NoScript. The extension blocks most - but not all - scripts from being executed automatically on a website, with the possibility to whitelist scripts so that they can be executed normally.

It places an icon in the address bar, that displays the currently blocked and allowed scripts on the site.


Scripts that are allowed are added to a whitelist.

notscript whitelist
notscript whitelist

It is furthermore possible to allow scripts temporarily for all sites for a while. Functionality that is currently missing is the option to enable a script temporarily for a session only.

As mentioned previously, NotScript has several limitations at this point in development, they are:

NotScripts can block plugins like Flash and Silverlight. However, Java applets are a special case. Java applets embedded with the standard <EMBED> </EMBED> or <OBJECT> </OBJECT> tags can be blocked, but Java applets embedded with the old, deprecated <APPLET> </APPLET> tags cannot be blocked because Google Chrome does not fire load events for this legacy method. The current workaround is to disable Java in your browser until this can be fixed.

All scripts loaded from a source location (the vast majority) can be blocked. However, inline scripts that are directly written into the HTML code of a web page cannot be blocked by NotScripts because Google Chrome does not fire load events for them.
For example: <script src=""> </script> can be blocked without any issues. However, <script>alert("Hello, World!"); </script> written directly into the HTML code by the site you are visiting cannot be blocked by NotScripts because it is not loaded from anywhere, it is a direct part of the web page you view. However, these inline scripts are usually useful and are often required for a site to function properly. If you want to, you can set Google Chrome to deny javascript for all sites and use NotScripts to selectively pick the scripts to run on sites you enable javascript on.

When you visit a web site for the first time with scripting enabled, you may see NotScripts quickly reload it once as it caches the whitelist and refreshes. Subsequently, there is no reloading needed unless you happen to change a part of your whitelist that directly affects the site. This is only a minor issue and happens less and less as NotScripts learns your desired whitelist.

NotScript is a unique extension for Google Chrome, that provides a good chunk of NoScript's functionality. The first official release version shows great promise, and if the developer continues to implement features and maybe, finds ways to remove some of the limitations and the dreaded password creation, then NotScript could become what NoScript is for Firefox: An indispensable add-on

software image
Author Rating
5 based on 1 votes
Software Name
Software Category

Previous Post: «
Next Post: «


  1. bRTy547y64 said on January 15, 2015 at 8:45 am

    NotScripts was removed from the Chrome Web store in September 2014.

    Just to clarify that a certain “compvid30” (Oliver von Schleusen; also found out that he forked the discontinued on-the-fly disk encryption program FreeORFE into StrongCrypt) forked the NotScripts source from Google Code and remade as “ScriptBlock”.

  2. DanTe said on August 18, 2010 at 7:49 pm

    As far as I understood it, Chrome is built into the Android system. If true, I’m just wondering if I can load this extension into it. Would be nice to have :)

  3. DanTe said on August 18, 2010 at 6:23 pm

    Yes. I’m planning to standardize on Android phones. And would like to know if this extension works on the Chrome installed in Android.

    1. Martin said on August 18, 2010 at 6:35 pm

      Dante I do not know. I tried checking Android Market for the Chrome browser but could not find it there. Are you sure you have the Chrome browser installed on your Android phone?

  4. DanTe said on August 18, 2010 at 5:15 pm

    Sorry, new to this Chrome thingie. Does this also work on Chrome in an Android environment?

    1. Martin said on August 18, 2010 at 5:48 pm

      Dante, to be honest this is the first time I heard about a Chrome – Android link. Do you mean a version of the Chrome web browser running on Android?

  5. MartinDK said on August 18, 2010 at 4:47 pm

    I have been waiting for this for a long time :D
    Once I’ve checked this out and seen if it holds up to my expectations, I may finally decide to take the plunge away from FF.

    Thank you so much for the heads up.

    Now, if only they could make an adblocker that actually blocks the ad servers instead of the current which first download the ads and then simply prevent chrome from showing them…

    1. Martin said on August 18, 2010 at 5:10 pm

      I also have been waiting for a long time, but NotScript currently does not hold up. I do not like it that there is no option to temporarily enable a script like in NoScript. You can remove permissions again but that needs to be done manually, unlike NoScript where it is handled automatically. But the developer has done a great job, and it will be interesting to see how this turns out.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.