RequestPolicy For Firefox Gives You Control Over Cross-Site Connections

The majority of websites make connections to other domains when you connect them. Examples are a site that is using Google Analytics for web statistics or Google Adsense for monetization, embeds videos from YouTube, or uses a content distribution network.
Sometimes these requests are needed to use all of a site's functionality. Amazon for instance loads contents from images-amazon.com. While it is still possible to use the site, part of the site's functionality is not available until you permit that connection.
Update: Request Policy is no longer available. You can try RequestPolicy Continued instead which is still available.
Mozilla changed the add-on system of the Firefox web browser in Firefox 57 and purged all classic add-ons in November 2018. You can check out Request Control or NoScript as alternatives. End
RequestPolicy review
RequestPolicy for the Firefox web browser has been designed to put you back in control over the connections the browser makes. It works in this regard similar to the popular NoScript add-on, but with the difference that it does not prevent onsite scripts from running.
When you first install the add-on, you can add sites to the whitelist. The developer has prepared international and location specific lists.
The majority of suggestions allow connections between sites by the same company. Examples are to allow google.com connections when you are on gmail, or fbcdn.net connections when you are on Facebook. These can significantly reduce issues that users encounter after enabling the add-on in the browser. It is however not necessary to add any site combination to the whitelist.
This whitelist approach is different from NoScripts whitelisting approach, as NoScript allows connections from that domain on all websites, whereas RequestPolicy only allows them on one specific site.
RequestPolicy adds an icon to the Firefox status bar that acts as a control panel and indicator at the same time. A red flag indicates that connections have been blocked on a website. A click on the flag displays information about those connections, and options to temporarily or permanently allow those connections to be made on the current site.
The page is automatically reloaded if you allow connections to be made.
The preferences let you manage the whitelist, export or import settings, and modify the strictness of the add-on. The add-on by default uses base domains, e.g. ghacks.net to allow same-site requests. You can change that to full domain names, e.g. www.ghacks.net, or full addresses instead.
What I personally like most about RequestPolicy is the granular whitelisting which allows you to run the same scripts on some sites but not on others (for instance to show Adsense ads on Ghacks, but not on other sites). It is also less intrusive than NoScript if the whitelisting suggestions are added during setup.





This extension is no more.
I have both set to block all (by default) (same with CookieSafe) .. .I then add sites as I go to them. I think they both support (actually Noscript, Request Policy, AND possibly CookieSafe too) have options to backup your “white-list” and settings, so I just back them up every so-often and transfer them to my other computer…
Really I know some of the RP and NS settings could be “over-lapping”, though I have NEVER had an issue with having both installed
-Xmetalfanx
Thanx Xmetalfanx,
So NoScript can be set to allow cross-connections from select domains on all websites and RequestPolicy can still restrict them on all but specific sites.
Double the setup work, but it only has to be done once per site. Think I’ll give it a try. I don’t do a lot of random browsing. My main concern was conflicts between NS and RP.
Hi Martin,
NoScript does other useful things. Can you describe how to disable in NoScript what this plug-in does, to prevent overlap.
Thanx
David, while I have not looked to closely, I would say that you need to enable “allow all scripts globally” in NoScript for that. I’m not 100% certain though that both add-ons are compatible with each other, and that enabling scripts globally has no effects on the add-on’s remaining features.
I will have to try this. I did find NoScript intrusive
and annoying to the point I could not live with it.
I like the Adsense flexibility on this too
for support of sites the user chooses.
Which goes with saying gHacks.
“without saying”
Although in this case “with saying”
may have the same meaning.
In which case I did
not have to say this.
Enough said.
It is more flexible in this regard, which should appeal to users who find NoScript intrusive.
I know you liked NoScript so
your positive impression
was duly noted here.