NoScript's rating drops after Firefox Quantum release

Martin Brinkmann
Dec 1, 2017
Firefox
|
108

The Firefox add-on NoScript was one of the best rated add-ons on Mozilla's Firefox Add-ons website. It had a solid five out of five star rating by about 1600 different users, and more than 1.7 million active users in total.

If you check  the rating and users of the extension today, you will notice that its rating dropped to four out of five stars, and that the extension lost a good 100K users on top of that beginning at the time Mozilla released Firefox 57 Quantum.

To be precise, the rating dropped from a 4.7 to a 4.1 score in that time period. Still a solid rating, but mostly because of the excellent legacy add-on ratings NoScript got over the years.

Firefox 57 dropped Firefox's legacy add-on system in favor of WebExtensions. A WebExtensions version of NoScript was in the works, but the release of that new version was delayed for a few days.

The reception was not the greatest, with reviews being evenly divided between users that heralded the new version and users who missed functionality that the old offered.

noscript user rating

Giorgio Maone, the developer of NoScript released several updates since then that addresses some of the most pressing matters.

Reviews of NoScript jumpted from 1660 on November 10, 2017 to 2301 reviews on December 1, 2017 (there is a conflicting number of 2161 reviews when you load them).

Not all reviews are negative, but most reviewers rate NoScript with one or two stars only. If you go through them, you will notice the following recurring arguments for giving the extension a low rating:

  • The functionality pales in comparison to the legacy add-on version of NoScript.
  • It causes freezes, hangs or performance issues.
  • A bug that causes the browser window to be resized automatically (addressed in the latest update).
  • The interface is different, some interface options are not there anymore, and it is generally less usable than before.
  • Whitelisting and other actions are more complicated than before.

Some of the reviewers who gave NoScript a one star rating state explicitly that they "love" the add-on, and that it pains them to see that the add-on became unusable for them.

Here are a couple of quotes by NoScript users:

Honestly I loved this add on, until the firefox update and the new version of the add on. Now I can not get websites to work. I have to disable it to do even the most basic things. It keeps blocking sites even after I tell it to trust them. Horrible and Im very disappointed that I can no longer use it.

Another user writes

This used to be my go-to script blocker and it was fantastic. With the latest update though to make it work for the new Firefox, everything is upside down and it's more or less unusable in its current state. The addon's menu keeps bugging out and cant decide whether to be a dropdown like before or a standalone window. Furthermore I can no longer easily whitelist entire pages except for temporarily which is rather tedious for sites I visit alot. That it also refuses to save my settings for a specific site (where I have taken the time to click which parts of it I want to trust and which not) just makes the experience more frustrating.

The migration from Firefox's classic add-on system to the WebExtensions system is certainly the root cause for the rating drop. One factor that certainly plays a role is that some APIs are not available yet in the stable version of the browser. Another was that changes had to be made to the interface of the extension due to the nature of WebExtensions.

It is clear that things will improve in the long run, but also that the WebExtensions version of NoScript will never be exactly like the legacy add-on version.

Now You: What's your take on the situation?

Summary
NoScript's rating drops after Firefox Quantum release
Article Name
NoScript's rating drops after Firefox Quantum release
Description
The 5 out of 5 star rating of the Firefox add-on NoScript Security Suite dropped to a 4 out of 5 rating in the wake of the Firefox 57 Quantum release.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. 周瑜 said on August 28, 2019 at 5:52 pm
    Reply

    now this explains why NoScript is causing my Firefix not able to browse to any sites for a minute upon the first launch after boot for the past few versions – Firefix Quantum.

  2. Anonymous said on February 25, 2019 at 4:52 pm
    Reply

    I am on this page because for the first time in five years, I installed a new version of linux and it came with firefox.

    What. A. Change. It’s like they took the ability to granularly configure things and made a bunch of stupid user defaults with condescending decisions to make it easy for mouth breathers to get to facebook and google and watch videos much more easily while using webmail. It even recommends sites as you type in where you want to go! I want to go where I am trying to type in to go, thanks! So many recommendations and suggestions.

    Then the search bar (which had to be enabled manually) keeps suggesting results from a bunch of other search engines. If you remove the other search engines, it recommends the alternate search engine of the only one you have left and must use as the default, so it’s not an alternate and yet is presented as such!

    Which leads me to noscript. It was so dumbed down I needed instructions on how to find out it can’t do what it used to do.

    I am trying so hard to avoid windows 10, so so hard, and so hard to stop tracking and monitoring and unwanted ads… I just want a clean experience like how it used to be.

    I couldn’t even use noscript to alter how mozilla.org was displayed because it was a protected page! And removing the domain from the whitelist (after enabling debugging) doesn’t even change that! It’s hardcoded in to prevent any changes to mozilla.org — even ublock origins element hider won’t let me block the social icons there!

    And yet here on my elderly win 7 box, in pale moon, I can element hide as much as I want on these otherwise protected pages that are too dangerous for me to customize in linux.

    maybe I should just discover girls or something, or go outside and play. computers look like they are no longer in the domain of people that tinker, instead they have fallen sway to the user that consumes, and that consumption must be controlled for advertising revenue purposes..

  3. Anonymous said on July 17, 2018 at 7:32 am
    Reply

    I’m on this page because unlike in the past, I have to screw around with NoScript each and every time I want to use it. It is painful, it is a leap backwards and it is the fault of Firefox. I basically have to forgo the wonders of NoScript until such time as it works again.

  4. Felix said on May 12, 2018 at 6:44 pm
    Reply

    Forgot to disable automatic updates and now stuck on 57. Needless to say I’ve disabled the automatic updates now, but haven’t bothered mighrating back to the good one yet. Will have to finish building the new Ryzen system soon anyways so will deal with it after the new system is up.

  5. Badger said on January 3, 2018 at 2:26 pm
    Reply

    I’m glad that Firefox Quantum has not become the standard yet on my Debian. Occasionally I have to use Windows at work, where I have now installed Waterfox. I’ll see what happens. I think Debian will only switch to the next ESR release of Firefox. I may install Waterfox on my Debian too in the future.

  6. oz said on December 30, 2017 at 2:58 pm
    Reply

    Just a note to say that version 10.1.6.2 has just been released and it has big improvements over the previous releases. I can finally use noscript again.

  7. Alex said on December 24, 2017 at 10:18 pm
    Reply

    Thank you for your great answer.

    Merry Christmas.

  8. Alex said on December 24, 2017 at 3:00 pm
    Reply

    Hey, anyone know how I can NoScript back to the classic design? Please reply here. Thank you.

    1. A different Martin said on December 24, 2017 at 9:46 pm
      Reply

      To use classic XUL/XPCOM NoScript, you’d have to use Firefox ESR, Pale Moon, or (based only on what I’ve read, not on personal experience) WaterFox. Tor Browser is still based on Firefox ESR and comes with NoScript bundled, but I think most people find it sacrifices too much speed, functionality, and convenience for anonymity and privacy to be suitable as a general-purpose browser.

      If you install Firefox ESR, you’ll have to either use a profile that has never been loaded in Firefox 56+ or build a new profile from scratch. (Loading a Firefox profile in Firefox 56 or later “corrupts” it for use with earlier versions of Firefox.)

      Also, up-to-date Firefox ESR is scheduled to stop supporting legacy extensions (including classic NoScript) sometime around July 2018.

      Finally, it seems doubtful that classic NoScript will continue to be developed past the time Firefox ESR stops supporting it.

  9. oz said on December 20, 2017 at 5:52 pm
    Reply

    Even the latest release of this new version still feels very “alpha-” oriented for me. I’ve tried all the updates and read the special instructions posted by author, but I start getting a headache very soon after opening the noscript options window. This extension is far from being what it used to be and the reviews that have been posted lately reflect that opinion quite well. Removed it again… will probably try in another few months.

  10. centurion said on December 8, 2017 at 10:57 pm
    Reply

    it seems that the noscript webext being pulled out from mozilla addons….no more to find

    1. Martin Brinkmann said on December 9, 2017 at 8:09 am
      Reply
  11. John Fenderson said on December 6, 2017 at 1:27 am
    Reply

    Personally, the new NoScript is pretty painful to use, and seems to be missing some important things (or, I just can’t figure out how to do them, which isn’t unlikely). Perhaps it will get better over time, perhaps not. I don’t know.

    I do blame Firefox, not Giorgio Maone. I am exceedingly grateful for his work on this over the years.

    For now, though, I’m just not going to use Firefox 57. 57 is better in some ways and worse in others, and on the whole, it doesn’t really offer me a compelling reason to use it. Using it without NoScript isn’t going to happen, so I’ll stick with Waterfox, where I can use the better version of NoScript.

    I’ll check back occasionally to see if the new NoScript has achieved usability, though, and when it does, I’ll consider moving back to Firefox.

    1. Brian said on December 6, 2017 at 4:25 am
      Reply

      uMatrix is as good -if not- better than NoScript

      1. John Fenderson said on December 6, 2017 at 6:37 pm
        Reply

        That may be (I haven’t dug deeply into uMatrix), but the legacy NoScript works great, and I’m very familiar with it. I’d look into alternatives if I were strongly motivated to move to FF57, but after using it for a while, I’m not that motivated.

  12. G-Flex said on December 5, 2017 at 5:52 am
    Reply

    RIP Mozilla Firefox
    2002 (0.1) – 2017 (56.0.2)

    1. vosie said on December 5, 2017 at 3:14 pm
      Reply

      Correction:

      RIP Mozilla Firefox
      2002 (0.1) – 2018 (ESR 52.8.0)

      1. vosie said on December 11, 2017 at 8:30 am
        Reply

        @Anonymous

        You’re wrong.

        Firefox 57 with WebExtensions exclusivity is the final nail in the coffin of Firefox.

      2. Anonymous said on December 7, 2017 at 1:49 pm
        Reply

        Correction:

        RIP Mozilla Firefox
        2002 (0.1) –

  13. James Wilson Ballard said on December 4, 2017 at 3:31 pm
    Reply

    Firefox threw away the only reason ever to use it: all the extensions and the possibilities of extending the browser.
    This is the fault of NoScript’s devs because they chose to keep working on the script, they should have simply dropped it.
    As it is, all they’re doing is helping Mozilla kill, butcher, murder Firefox.

  14. chromeFOX said on December 3, 2017 at 10:16 am
    Reply

    Why do they call it Legacy Add-ons when it is more powerful than Chrome Extensions, just look what happened to Greasemonkey totally dead and unusable from being powerful and integrated with Gecko Firefox to now unintuiative, unusable, disfunctional mess….

    1. Sophie said on December 3, 2017 at 4:07 pm
      Reply

      Greasemonky was USELESS as a Webextension!!!! I could not even find a way to add my own script. Talk about pared down. I went with Tampermonkey, but now have gone with Violent Monkey, deciding that for me at least, the latter was preferable. I can’t imagine what GM have done to it. I know their hands are tied, but if TM and VM can get things to the level they have, it seems to me that GM are finished (for now).

      1. chromeDomination said on December 4, 2017 at 1:38 am
        Reply

        Preferred Violentmonkey too on any Chromebased Extensions. It is lighter/faster and more compatible to most scripts I mashed it with, Tampermonkey grows heavy and gets sluggish the more script you put into it tothe point its freezes the browser and many dont work like those UsserStyle scripts.

      2. Anonymous said on December 3, 2017 at 5:53 pm
        Reply

        “!!!!”
        BluePants and now ViolentSophie, I love ghacks.

  15. bob styles said on December 2, 2017 at 1:51 pm
    Reply

    A very surprising rather self-inflicted wound by Mozilla. Why not have retained wider options?

    Bob Styles

    1. Jody Thornton said on December 3, 2017 at 1:36 pm
      Reply

      It’s not hurting them though. Firefox numbers are improving since v57 was released.

      1. John Fenderson said on December 6, 2017 at 6:57 pm
        Reply

        According to who? I’ve had problems finding any hard numbers on this. The closest I can get is netmartketshare, and they don’t break out 57 from other versions of Firefox. However, their numbers are showing that Firefox’s decline in share over time has not altered in rate.

      2. Jody Thornton said on December 5, 2017 at 12:14 pm
        Reply

        You’re the only person I’ve heard cite that information. Every other credible source I’ve heard echoes the opposite. I’ll keep my ears open though.

      3. James Wilson Ballard said on December 4, 2017 at 3:33 pm
        Reply

        Their numbers are not improving, at least according to the numbers.
        Their marketshare is down last month.

  16. TelV said on December 2, 2017 at 11:14 am
    Reply

    Taking a slightly different path on the same subject I hope it won’t be too long before Firefox forks like Basilisk and Waterfox which still support XUL/XPCOM extensions create their own add-on store.

    I say that because I’ve noticed that developers who have switched from a legacy to a WebExtension are gradually removing the former from the AMO site as can be seen in this link for NoSquint Plus: https://addons.mozilla.org/en-US/firefox/addon/nosquint-plus/versions/?page=1#version-50.0

    I’m using v56.1 which is the only version that seems to work with FF ESR 52.5 and Basilisk. But it’s nowhere to be seen anywhere in the above link. Other versions cause the menu panel to become immovable with half of it off screen in the upper right hand corner. Other versions don’t place a button on the toolbar or in the context menu and similar issues.

    I don’t know how long Mozilla will maintain the AMO legacy extensions store, but they could try and force users to update to FF57 and beyond by removing them altogether.

    1. Sophie said on December 3, 2017 at 8:46 am
      Reply

      @TeIV – well, I really hope they don’t remove them altogether!! Why do that? I run Waterfox 54.0.1, Firefox 43x and Firefox 57 – and that’s my balance. So I’d be very disappointed if old AMO was removed, though I understand they probably can’t be there for all time. I have saved every extension I use as an .XPI file, so whatever happens, I have that as a repository.

      1. Sophie said on December 3, 2017 at 4:05 pm
        Reply

        @TeIV – Good point you make, about a situation existing whereby any of the various forks or flavours of legacy Firefox only go to Mozilla AMO for Addons. There would be nothing in it for them, and it would only slow down the update of 57+

        I did try (yes, mad I know) to download the whole of the AMO website in HTTRACK a few months ago. It ran for three days, and then I gave up. Of course, I knew it was vast, but it would have been great to have 20GB (or whatever) of AMO on a hard drive somewhere, at that particular point in time.

        I’m slowly getting used to FF57, but there are still many Addons that I can’t replicate, and that’s making me run several versions (all Portable) for the foreseeable future.

      2. TelV said on December 3, 2017 at 11:03 am
        Reply

        @ Sophie,

        Well, Mozilla’s in it for the money and having users switching to other browsers that support legacy add-ons which can only be downloaded from AMO isn’t something that they’ll will want to continue. They don’t want to lose market share because that will cause investors to rethink their investments so it wouldn’t suprise me to learn that Mozilla will cease to support the legacy database possibly from as soon as June 26 next year when support for FF ESR 52x will end.

        I’ll consider installing FF57 towards the end of June next year when the current ESR support expires, but it’ll just be a backup in case my current browser which is Basilisk suffers some catastrophe or other at the wrong moment.

        Altthough other FF forks are in competition with each other, it would be a good idea to create a common legacy database which would be available to all of them. If Mozilla does scrap the AMO legacy dbase it won’t matter so much then.

  17. eatTHEleft said on December 2, 2017 at 8:07 am
    Reply

    The new Firefox is simply amazing. uMatrix is 100000% better than NoScript and it works flawlessly with the new Firefox thanks to the brilliant coding skills of gorhill. The cry baby bitches complaining about NoScript should stfu.

    1. Sophie said on December 2, 2017 at 8:56 am
      Reply

      Only “dabbled briefly” with uMatrix, but I have also tried NoScript, and my belief is that totally…….uMatrix wins hands-down. Much more intuitive, much better laid out, better control IMO.

      Personally, I’ve never seen the attraction in NoScript, its way too heavy, and when I did use it, nothing would work properly. Try YesScript instead, or as EatTHEleft says, try uMatrix.

  18. Lookmann said on December 2, 2017 at 7:55 am
    Reply

    NS update does not work like old version.

    Forced to use ‘ java script toggle’, a very basic blocker .
    not always remembering allowed sites .
    Hope it will evolve.

  19. Robert Ab said on December 2, 2017 at 5:34 am
    Reply

    This shows about what type of customers Mozilla cares about (and those are not advanced users):
    https://www.reddit.com/r/firefox/comments/7gqv65/apis_needed_for_session_manager_to_become/
    (go also to 2nd page)

    1. Pen said on December 2, 2017 at 7:45 am
      Reply

      This thread says there already are session managers available, so while some APIs are yet to be released, managing a session can already be achieved. I use Tab Tree, it’s an add-on that displays tabs like a tree but also allows to create groups and hide them. You can save them on disk and import, so the session is well managed. I didn’t expect to find that in a tab tree add-on.

      Otherwise there are other add-ons dedicated to session management such as Tab Session Manager. As more Firefox versions beyond 57 are released, more of the API requested will be there and session managers will become more powerful. That doesn’t mean it’s not easy to find what you need right now; just run Firefox 57 portable and fiddle with it until you find your sweet spot, at which point you can update your installed Firefox 56. https://portableapps.com/apps/internet/firefox_portable

      1. Pen said on December 3, 2017 at 11:08 pm
        Reply

        Tab Tree works properly.

      2. Ben said on December 2, 2017 at 2:50 pm
        Reply

        > This thread says there already are session managers available

        Yea. With the little limitation that they don’t work properly…

    2. gh said on December 2, 2017 at 7:39 am
      Reply

      Having frequently browsed that subreddit across the span of past year or so, i recognize that username “DrDichotomous”. His / her prior posts have been insightful and informative. The posts in that linked topic though, sound like the words of an “apologist”.

      No need for apologies. They won, we lost.

  20. James said on December 2, 2017 at 2:40 am
    Reply

    I used to feel confident and secure using FF. But as security across the country gets tighter, a couple of “back doors ” is not enough for the higher powers. Look at windows 10. The intire system is made so that any and all has internet access. Security settings that when changed to somewhat secure, only to be set back to unsecure all by itself. It is the worst system since windows me. Try and find a laptop w/o a camera or a mike on it. They can be turned on at anytime. This is very true. Cell phone the same way. Firefox is and has slowly been opening more and more back doors for the “higher powers”. Just look at things that are not obvious to the normal user. Just a few short years ago there were only a few back doors. Look now! Wide open to see what your doing. As a post said above, Chrome is faster and and security does not seem to be a concern anymore by many because you will not find a browser like the old FF. I just did not think FF would give in that easy. When there are back doors in a progam, that an opening for the crooks, thieves that like your credit card info. Just about every program made for banks, credit , you name it .. have back doors so that the higher powers can access them. Its the law of the land now. You may have privacy in your bathroom as the writting of this. If things dont change …you loose that. I am all for security and i ahve even served but man has a built in privacy concern. If in doubt …why do we shut the bath door? Its just gone to far.

    1. A different Martin said on December 2, 2017 at 5:05 pm
      Reply

      @ James:

      Try and find a laptop w/o a camera or a mike on it. They can be turned on at anytime.

      This got a pained smile from me. My brother works for a software company, and one day someone from Homeland Security came in to administer a routine interview to one of his foreign-born colleagues. In the DHS agent’s folder was a photo of the employee surreptitiously taken from the webcam on his laptop.

      Laptops from Linux-computer vendor Purism have “hardware kill switches” for the camera and microphone. On my ThinkPad T510, a medium-sized binder clip fits perfectly over the built-in webcam (and doesn’t leave any sticky electrical-tape residue). Unfortunately, I can’t think of a jury-rigged hardware solution for the mike.

      1. John Fenderson said on December 6, 2017 at 6:51 pm
        Reply

        I find it sufficient to tape over the camera and microphone (taping over the microphone works great on my machines, but YMMV. Test to be sure.)

  21. Legacy rules said on December 2, 2017 at 12:50 am
    Reply

    webestensions apis convinced me to move me to Waterfox:

    https://www.waterfoxproject.org/blog/waterfox-56.0-release-download

    i continue to use the noscript legacy version without any issue and I have a firefox fork more incentrate on privacy of there users

  22. Xibula said on December 1, 2017 at 11:42 pm
    Reply

    https://www.dedoimedo.com/computers/firefox-noscript-10-guide-1.html
    November 23, 2017

    “There are still some fine nuances, but it is the add-on that we love, care and need to warrant using Firefox. This is a great development. Stay tuned for more. ”

    ME: give it time, it’s like a new begining for Firefox and Noscript

    1. A different Martin said on December 2, 2017 at 4:28 pm
      Reply

      @ Xibula:

      This is a pretty reasonable take and one I share. These early glitches are most likely teething pains for the new NoScript. On the other hand, I’m still running Pale Moon with XUL NoScript as my primary browser, with Firefox Quantum as one of my fallback browsers, so I’m not really having to deal with those teething pains on a routine basis. That makes it easier to be patient. (Session Manager is a different matter. I’ve used a single shared session folder for all of my Firefox-based browsers, including those in my Linux virtual machines, for quite some time, and I feel the loss every time I load Quantum.)

  23. Anonymous said on December 1, 2017 at 10:21 pm
    Reply

    https://flagfox.wordpress.com/
    “Posting status info to AMO is a pain”

    Quote: “If you’re wondering why I hadn’t put up any Firefox 57 support status update message on Flagfox’s page on the Mozilla Add-ons site until today, it’s because doing so is shockingly difficult, especially as of Mozilla’s latest revision of the website. (it’s crap in a variety of ways, but this one is particularly annoying) Previously, there was a “Developer’s Comments” section in addition to the “Add-on Description” section (currently labeled “About this extension”) where I could put updates like this, though at some point they started hiding it by default, which was annoying. Now it’s gone completely”[…]

    Difficult or impossible for the dev to explain things at the right place could have a direct impact on the rating too, don’t you think?

  24. puffy said on December 1, 2017 at 10:21 pm
    Reply

    I am done with Firefox. Various problems were causing me to lose interest, but the new update (which I did not want) took away the good parts but only changed the bad.

  25. pou said on December 1, 2017 at 9:03 pm
    Reply

    I don’t know why you specifically target NoScript, other popular extensions like Adblock Plus also get many negative reviews recently

    1. Martin Brinkmann said on December 2, 2017 at 6:11 am
      Reply

      Because I use NoScript, not AdBlock Plus. Sometimes, things are really that simple.

  26. Ronflex said on December 1, 2017 at 9:02 pm
    Reply

    @Martin

    I think you’re a NoScript fan, so maybe don’t put too much pressure on Giorgio if you don’t want him to throw the towel :)

    Also a correction :

    “It is clear that things will improve in the long run, but also that the WebExtensions version of NoScript will never be exactly like the legacy add-on version.”

    That’s not true, Giorgio said NoScript WebExtension would become full featured in 2018. It also gained per-site permissions, making it objectively more secure by the time other features are implemented.

    Meanwhile, users can use uMatrix as NoScript is busy with this unnamed beta process. Not everyone wants to be involved with a beta.

    1. Martin Brinkmann said on December 2, 2017 at 6:12 am
      Reply

      I doubt that he will throw the towel. I hope the extension improves, but there are things that cannot be done with WebExtensions last time I checked.

      1. Pen said on December 2, 2017 at 8:46 am
        Reply

        Here’s a more straightforward answer from Giorgio:

        “Yes, feature parity with legacy NoScript, at least security-wise (it cannot ever be UI-wise), for the features which still make sense in Firefox 59 (browser security evolved as well in 12 years) is gonna happen before the Tor Browser switches to WebExtensions, of course.”

        https://hackademix.net/2017/12/01/noscript-quantum-1015-starts-to-feel-normal/#comment-39561

        So yay. Also NoScript legacy is very old code, it hasn’t received meaningful updates in years. It’s a boon that the same developer goes at it again in the context of modern web technology and threats.

      2. Pen said on December 2, 2017 at 7:08 am
        Reply

        Quoting Giorgio Maone: “If, otherwise, you really need the full-rounded, solid, old NoScript experience you’re used to, and you can’t bear anything different, even if just for a few weeks, dont’ worry: NoScript 5.x is going to be maintained and to receive security updates until June 2018 at least, when the Tor Browser will switch to be based on Firefox 59 ESR and the “new” NoScript will be as powerful as the old one.”

        https://hackademix.net/2017/11/14/double-noscript/

        He mentioned full feature parity elsewhere if I recall correctly.

  27. Anonymous said on December 1, 2017 at 8:44 pm
    Reply

    To keep his stars Giorgio should copy on Wladimir, asking to Mozilla’s moderators to remove bad comments.

  28. akg said on December 1, 2017 at 8:33 pm
    Reply

    no script webext is bullshit. i am using my all old addons in waterfox 56

  29. Richard Bejtlich said on December 1, 2017 at 7:59 pm
    Reply

    I’ve used NoScript for years. I liked how easy it was to enable specific domains per page. The new version is basically unusable. I can’t figure out the UI. I don’t know if it does what it used to do. I’m looking for alternatives now.

  30. FloridaJim said on December 1, 2017 at 7:13 pm
    Reply

    I prefer YesScript, which allows pages to function normally until you hit a troublesome one, then you toggle on and off to blacklist it. Sadly it is not yet a WebExtension, and NoScript blocks javascript by default (hence the opposite name YesScript), so I’m sticking with FF 56.0.1 until it is updated by someone. The WebExtesion YesScript2 is not the same.

    1. Sophie said on December 2, 2017 at 8:52 am
      Reply

      Agreed! I prefer also, to use YesScript. My investment of time is in other forms of control, like for example, filters in uBO. I think Noscript is approaching the problem from the wrong way round (too heavy, too extensive, too limiting) and instead, YesScript for those troublesome situations….and only for those.

      1. John Fenderson said on December 6, 2017 at 6:47 pm
        Reply

        ” I think Noscript is approaching the problem from the wrong way round (too heavy, too extensive, too limiting)”

        Different people have different needs.

        YesScript isn’t nearly heavy, extensive, or limiting enough for my needs. Since I’m using NoScript to enhance security (stop tracking, etc.), I’d never notice a “troublesome situation” without actually sniffing the traffic going to the webserver. And if that traffic is encrypted, even then I wouldn’t be able to notice.

        Better to block everything by default, and only allow the specific code that I am comfortable with.

    2. Pilgrim said on December 1, 2017 at 9:23 pm
      Reply

      Try this one maybe: https://addons.mozilla.org/en-US/firefox/addon/disable-javascript/

      You can also try out various setups without touching your Firefox 56 installation if you use Firefox 57 portable. That’s how I ended up switching to Firefox 57 full time and uninstalled 56, even though I’m a NoScript-dependent user with a ton of UI tweaks.

      https://portableapps.com/apps/internet/firefox_portable

  31. slumbergod said on December 1, 2017 at 7:09 pm
    Reply

    My take on this is that Mozilla are to blame. Yes, they gave warning that they were going to kill old add-ons. At the same time the webext APIs were not mature enough. The most popular add-ons were abandoned by Mozilla. They should have been the first ones to make APIs for!!!! NoScript, All-in-one-sidebar, down-them-all, and so on.

    So I now happily use my old addons in Waterfox. Firefox is no longer my browser.

  32. Chuck W said on December 1, 2017 at 6:50 pm
    Reply

    It’s getting better. When the initial release didn’t have the “Allow all temporarily” option, I was ready to slam the door on it, but updates have remedied that problem. It’s improving, and I’ll take it over nothing! Still pondering giving up on Firefox in the long haul, though.

  33. titosalah said on December 1, 2017 at 6:20 pm
    Reply

    What happen to NoScript ???!!! i install it firefox Qua and stuck when i use it >> disable it and re enable to work
    and devs change some option (NOT GOOD) chrome eat RAMS But the best

  34. Darren said on December 1, 2017 at 6:19 pm
    Reply

    I still haven’t “updated” to 57. Just don’t want to deal with it yet. Have too many great addons that don’t have good replacements (like noscript, speed dial, session manager, etc)… Just not quite sure yet what I want to do. :(
    And I’ve been too busy.

    1. Pen said on December 2, 2017 at 7:02 am
      Reply

      As said here: https://www.ghacks.net/2017/12/01/noscripts-rating-drops-after-firefox-quantum-release/#comment-4299642

      You could do it slowly if you run Firefox 57 portable alongside Firefox 56 installed :)

      1. crambie said on December 2, 2017 at 1:06 pm
        Reply

        ff56 hasn’t the latest critical security updates. You’d be better off running waterfox 56 as it has them.

    2. Jason said on December 2, 2017 at 12:41 am
      Reply

      Honestly, just take the plunge. I knew I’d run into problems too, but in the end I’m happy I upgraded.

  35. Dave said on December 1, 2017 at 5:56 pm
    Reply

    I just updated it. Now it says it’s blocking 7 things on this page but it doesn’t show what they are :(

    1. Chuck W said on December 1, 2017 at 6:47 pm
      Reply

      I’ve noticed that, too. Only 5 on the icon today, but it’s been higher.

  36. Robert said on December 1, 2017 at 5:48 pm
    Reply

    The problem, Kubrick, is that Mozilla removed features that made some of these extensions possible in the first place. The extension devs could work tirelessly for years and it wouldn’t make a difference because Web extensions are just not as powerful as the old system.

  37. Kubrick said on December 1, 2017 at 5:16 pm
    Reply

    In no shape or form should mozilla or indeed any other browser developer pander to extension developers.If the extension developers cannot fit into the new way of firefox working then the extension should be removed and banished.The addon developers have had months to prepare for ff 57 and its quite unbelieveable that noscript seemed rushed and unready.FWIW its not that essential an extension and people are going along with the snake oil just for a self assured joyride.
    Chrome has a built in option to disable javascript completely so this and extensions like it are useless.And also i discovered that noscript is very untidy when being removed as it leaves about-config entries.
    Ublock origin is an extension of worth and should be considered over noscript which has outlived its usefulness.

    1. MozillaBrokeItWhy said on December 11, 2017 at 6:18 pm
      Reply

      “In no shape or form should mozilla or indeed any other browser developer pander to extension developers”

      Moz developers were pretty clear that they are seeking a new user base and that power users, advanced users,
      longtime fans, and those who put value on what they received from existing extensions were not on their list of
      considerations in development. That makes them awful people in my book. Our loyalty was based on a good
      and usable and extensible project. I’ve enjoyed the growth since v.1.0 What does that get me? As a browser
      user I should give up on understanding and shaping the overly commercial web that I’ve managed to control
      in the past due to careless attitudes like yours. Making it possible to develop addons that work and are useful
      and not so many themes that are cartoonish, but don’t address interface issues, removing the power that addons
      brought…it’s stupifying

    2. John Fenderson said on December 6, 2017 at 6:41 pm
      Reply

      “In no shape or form should mozilla or indeed any other browser developer pander to extension developers”

      It’s not called “pandering to developers.” It’s called “meeting the needs of users”.

    3. Robert Ab said on December 2, 2017 at 6:10 am
      Reply

      Have in mind that addon developers are dependent on available APIs that are provided by Mozilla. If many addon functions are not covered by those APIs than developers cannot do much. NO SCRIPT developer at least tried, many decided not to bother until APIs will be ready.

      So this is completely Mozilla managers fault.
      https://www.reddit.com/r/firefox/comments/7gqv65/apis_needed_for_session_manager_to_become/
      (go also to 2nd page)

    4. crambie said on December 1, 2017 at 6:55 pm
      Reply

      You do know that some api’s landed days before 57’s release while others still aren’t there? It’s noting to do with pandering.

  38. GeorgeK said on December 1, 2017 at 5:07 pm
    Reply

    I feel sorry for all the decent and honest developers who have put in a lot of work and time to create add ons. Not everybody of these guys has the time and means to redo their stuff so it works w/FF Quantum.
    And Mozilla can say whatever they want, one thing is more than clear:

    We, the users, are losing a quite a few of excellent add ons because of Quantum. Question is, what do we get in return ?? Personally, I stayed w/FF 56.0.2. Don’t know if this is a wise decision,but what do we know these days anyways ?

    1. Gregory said on December 2, 2017 at 11:45 am
      Reply

      Some addons go, some new ones come. That’s the circle of life. Deal with it.

      1. vosie said on December 5, 2017 at 2:38 pm
        Reply

        That was the case with the XUL addons. If the author abandoned a broken addon, a replacement was usually made.

        But now, with the crap WebExtensions this is the case: most addons die, and no replacement is possible.

      2. Charcoal said on December 2, 2017 at 5:43 pm
        Reply

        What a silly remark. Repeating truism.

  39. James T. said on December 1, 2017 at 4:47 pm
    Reply

    Has it been brought up how Mozilla worked closely with the Noscript developer
    Especially after Mozilla published blog posts highlighting NoScript
    Also NoScript is a featured addon on AMO

  40. Ben said on December 1, 2017 at 4:44 pm
    Reply

    Today I found out: FF57 does not even ship with an API to have a working session manager.

    @Martin: Waterfox 56 just got released, you should make an article about it.
    https://www.waterfoxproject.org/blog/waterfox-56.0-release-download

    1. Anonymous said on December 3, 2017 at 11:06 pm
      Reply

      I have add-ons letting me manage my sessions pretty smoothly right now in Firefox 57.

    2. Martin Brinkmann said on December 2, 2017 at 6:14 am
      Reply

      I reviewed the test build released earlier, and updated the review page to highlight that.

  41. Wolf said on December 1, 2017 at 4:28 pm
    Reply

    I never considered an option to stay on ESR or alternate browsers based on the old FF platform, so I stayed on FF beta and once NoScript stopped working, I switched to harder custom settings on uBlock and uMatrix and never went back (as most of my NoScript customizations where based on ABE)

  42. P. M. Claarke said on December 1, 2017 at 4:26 pm
    Reply

    Despite uMatrix not offering the same level of protection it has a more sane UI and controlling it feels more natural. I had to migrate, because NoScript is absolutely terrible in that regard. Felt like discovering society after living like a caveman. It can remain irrelevant for all I care. Embracing uMatrix as the better NoScript (since I only really care to block JS and cookies with it).

    1. Sean said on December 2, 2017 at 5:44 pm
      Reply

      > Despite uMatrix not offering the same level of protection
      Pop down the uMatrix panel, click *, click on the lower half of ‘script’, click the lock icon. You have just implemented NoScript in uMatrix.

      I agree it hasn’t made sense to use NoScript for a long time now, save maybe in TOR Browser. It’s a naive and unnecessarily laborious solution for open web privacy.

  43. RPWheeler said on December 1, 2017 at 4:15 pm
    Reply

    “Have you seen what they have done to Firefox?”, my wife asked. I didn’t, because switched to ESR channel earlier. She said that she is now more comfortable with Chrome and has no interest in Firefox since v.57.

    Myself I switched to Pale Moon and Waterfox at home (as far as they keep old add-ons working), and to Chrome at my work machine. I have over 20 “legacy” add-ons, and to have ability to use them is important for me. So Firefox is only backup browser for me now, not very usable.

    From the first time I heard about “WebExtensions” I said that they will be inferior.

    1. Gregory said on December 2, 2017 at 11:42 am
      Reply

      May i ask why it’s not usable for you both?

  44. VioletMoon said on December 1, 2017 at 3:43 pm
    Reply

    Not even enough ratings for a sample population in statistical models, a sample population that would allow us to “produce results accurate to a specified confidence and margin of error”: NoScript had a five star rating by “1600 different users, and [out of] more than 1.7 million active users in total.”

    In other words, five star NoScript ratings were statistically flawed, unconfirmed, and extremely biased-worthless. That a few users are now disappointed means little since there were so many previous users who never rated the extension.

    1. Jason said on December 2, 2017 at 12:24 am
      Reply

      VioletMoon, I’m not sure what you are quoting from, but take a look at the table here: http://research-advisors.com/tools/SampleSize.htm . For a population size of 1 million, you only need 1534 poll participants to achieve a 95% confidence level and a margin of 2.5%. NoScript currently has >2200 poll participants. That is enough.

      The REAL problem in product surveys of this type is not the number of participants but the way in which they are selected. One of the underlying assumptions for the table I linked is that the poll participants are randomly chosen. In reality, we know the Mozilla participants are “self-selecting” (no one chose them; they chose themselves). Self-selecting introduces all kinds of problems, including the disproportionate influence of really angry or really enthusiastic people. Another problem is that this is a “running poll”, in which the average rating is calculated from a mixture of old and new participants without any effort to keep the number of participants per day/month/week/year at a fixed level.

      So, can we make good statistical calculations from the Mozilla ratings? Only with great difficulty. But DOES THIS PREVENT US FROM DRAWING REASONABLE CONCLUSIONS FROM THE RATINGS? No. When we see a sudden change in the average score of a poll like this one, it’s reasonable to assume there is an underlying problem with the product being reviewed.

      1. Anonymous said on December 6, 2017 at 8:55 pm
        Reply

        Yes: It’s in beta

    2. Clairvaux said on December 1, 2017 at 9:44 pm
      Reply

      This is a very common misconception of statistical theory. In order to be representative, you don’t need a set proportion of the total users, just an absolute number reaching a certain threshold. 1600 ratings is more than the number of people involved in many polls (which admittedly apply a pre-selection).

      Anyway, that’s a moot point. When asking for opinions to select a doctor, do you try to reach a “statistically representative” number of people ? Of course not. If you manage to ask three or four patients, you’re more than happy. 1600 opinions to select a piece of software is a lot, especially considering that many people would have written a few words to elaborate. How do you use buyers’ ratings on Amazon ? Do you refuse to take them into account because there’s no statistical stamp of approval on them ?

      Also, most users don’t rate products. It’s always a tiny, tiny minority that does. That’s expected and normal. When Martin writes about a product, he’s a tiny minority of one, and yet we lend weight to his thoughts.

    3. Frank said on December 1, 2017 at 9:18 pm
      Reply

      A few users? Have you seen what’s going on in the forum? Read the comments on the blog? The reviews are nothing compared to that.

  45. Microfix said on December 1, 2017 at 3:38 pm
    Reply

    When I did test/ try FF v57, I found that the noscript’s clunky design was ugly, flyouts were too big and settings interface was perplexing.
    Needless to say, I reverted back to Firefox ESR with noscript 5.1.7 (home again)

    There’s nothing wrong with the extension as an internet security tool although the interface leaves too much to be desired on FF57 as it is.

  46. crambie said on December 1, 2017 at 3:07 pm
    Reply

    Mozilla’s more to blame than the dev.

    1. ask said on December 27, 2017 at 10:57 am
      Reply

      No – the NoScript UI & icons have always been bad / obtuse – now it’s just fucking awful.

    2. vosie said on December 11, 2017 at 8:27 am
      Reply

      Agree. This proves how primitive people are. They blame the addon developers instead of Mozilla.

    3. Ron said on December 2, 2017 at 12:05 am
      Reply

      Mozilla is 100% to blame.

      1. vosie said on December 11, 2017 at 8:14 am
        Reply

        Agree. It’s Mozilla’s fault.

      2. Gregory said on December 2, 2017 at 11:38 am
        Reply

        Not really. Other Devs had no problems like the dev of uBlock Origin and uMatrix. The design and functionality remained the same. The NoScript guy wanted to create a new design which is a total disaster. The dev is 100% to blame.

    4. Marti Martz said on December 1, 2017 at 4:36 pm
      Reply

      > Mozilla’s more to blame than the dev.

      I could not agree more with you. As someone else put it “Have you seen what they have done to Firefox?”.

      From a developer standpoint Fx itself is severely crippled now and generally too unpleasant to use.

      Try running **any** extension on AMO… In this articles case you can be somewhat protected from bad sites except on Mozilla’s where they will do whatever dubious behavior they want. Seems hypocritical.

      1. Anonymous said on December 6, 2017 at 9:36 pm
        Reply

        “> The opposite, development has gotten way easier,…

        > Your opinion for sure and is in the minority at this time.”

        It’s not an opinion but a fact that WebExtensions are easier to develop on than legacy add-ons.

        To quote Tree Style Tab’s developer, who wrote 100 legacy add-ons over 16 years:

        Q: How difficult is it to debug Firefox [Web]extensions?
        Today that is very easy to learn. Most extension authors don’t need to become experts of Firefox-specific technologies, especially XUL and XPCOM. Moreover, the about:debugging feature of Firefox itself is very helpful for debugging of extensions. A command-line tool called web-ext is also helpful for debugging and publishing.

      2. ff said on December 3, 2017 at 12:51 am
        Reply

        I find the new Firefox pleasant to use. The new no-script add-on has already gotten some updates, as the article describes, and more will follow.

      3. Pen said on December 2, 2017 at 3:04 pm
        Reply

        ” How long do you think that will last not to mention it doesn’t work with every WebExtension. Any one with an ounce of adaptability would understand that. ”

        At least as long as Tor Browser exists, since this pref was created at their request and is a requirement for this browser’s use case. (https://bugzilla.mozilla.org/show_bug.cgi?id=1384330#c2)
        Which ones does it not work with ?

         

        ” AMO still hasn’t fully properly allowed add-ons to be installed for the target browsers using “legacy” addons for several years. ”

        I’m not sure what Palemoon and friends have to do with this. Installed add-ons can inject content into AMO, or degrade its security through altering the secure connection or blocking client side JavaScript security checks even when they are not malicious. Starting with WebExtensions, they can’t do so by default any more, only someone who explicitly wants them to work will change that default. Whether it is a decision worth the trouble or not is something one can only decide after having evaluated the real world threats Firefox is facing. For instance a lot of add-ons installed alongside regular software, such as antivirus add-ons at least until last year, actually degrade secure connections.

         

        ” NoScript’s author is one of the most talented and honest developers out there. ”

        Yes and he said NoScript WebExtension would be full featured before Tor Browser switches to Firefox 59 ESR, when compared to legacy NoScript.

      4. Marti Martz said on December 2, 2017 at 9:23 am
        Reply

        Alright… I’ll bite… just a little though…

        > Pen

        You lost all credibility the moment you hid behind a sock.

        > Rad quote…

        Way to date yourself.

        > quite a philosophical background you must have

        Glad you are exasperated. Did you want something else to inhale to calm you down or have you done it all?

        > Yes, please do. Create and set `privacy.resistFingerprinting.block_mozAddonManager` to true and go ahead

        How long do you think that will last not to mention it doesn’t work with every WebExtension. Any one with an ounce of adaptability would understand that. At least this proves you can read other GHacks articles and perhaps searching… there is promise for you yet.

        > AMO is…

        As another developer put it paraphrased “condescending”. Seems like you fit in this category… again I’ll digress to your level for a brief period.

        > a sensitive place and it is by default being protected from add-ons tampering with it

        It’s quite obvious that you have no cross-browser experience. AMO still hasn’t fully properly allowed add-ons to be installed for the target browsers using “legacy” addons for several years. Many a time I’ve had to coach the inexperienced on this. You are now a proud recipient of that queue whether you like it or not.

        > The opposite, development has gotten way easier,…

        Your opinion for sure and is in the minority at this time. With the constant changing landscape of poor decisions from the Fx team I’m surprised most of those developers have stuck around. The add-on developers should be commended for their adaptability not criticized from the masses with their inept perception of self entitlement. That shows lack of maturity by whining and complaining instead of productive and constructive feedback.

        > all add-ons developers know that XUL is a nightmare to learn.

        XUL is a cinch if you have the ability to grasp newer ideas in languages. Only someone with limited experience and perhaps intelligence won’t be able to pick it up.

        Bringing this back to topic instead of your personal attack… NoScript’s author is one of the most talented and honest developers out there. He, and his team, deserves plenty of time and respect to develop and less childish insults like what is being demonstrated in some of the responses. What’s interesting is I’m not having any described issues with NoScript 10.x on any of the sites I peruse yet.

        No one knows everything and it’s very much arrogant presumption that those would expect every addon developer to be fully prepared when even the Fx team isn’t. Clearly it seems like “Bic” doesn’t have a day job to attend while working with open source… but I could be mistaken. In that case “Bic” shouldn’t quit the day job.

        Feel free to respond but I’m done teasing a troll and have much better things to do.

      5. Pen said on December 2, 2017 at 6:50 am
        Reply

        > As someone else put it “Have you seen what they have done to Firefox?”.

        Rad quote, quite a philosophical background you must have

        > Try running **any** extension on AMO…

        Yes, please do. Create and set privacy.resistFingerprinting.block_mozAddonManager to true and go ahead. AMO is a sensitive place and it is by default being protected from add-ons tampering with it. Technically literate people can change defaults.

        > and generally too unpleasant to use.

        The opposite, development has gotten way easier, all add-ons developers know that XUL is a nightmare to learn.

        As for NoScript, the developer himself said it is going to end up having all features of legacy NoScript plus some.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.