HTTP Switchboard for Chrome/Chromium:

Discussion in 'other software & services' started by apathy, Nov 25, 2013.

  1. gorhill

    gorhill Guest

    I don't know what to say. Maybe try to disable and re-enable the extension (warning: do not uninstall, if you uninstall, you will lose all your rules).
     
  2. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    i noticed the rules can easily be saved to a text file:
    Rule Manager/Export Rules.
    then copy and paste into a text file.

    then it's just a matter of pasting, importing the rules and locking the padlocks afterwards.

    tnx again ray, great work on this extension! :)
     
    Last edited: Nov 29, 2013
  3. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,290
    Location:
    EU
    Well...do not worry...just switched from Dragon to Chromium! :D :D :D
    Now all is fine! :D
     
  4. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    still using this after a week.

    the thing that works for me is to slowly build a list of whitelisted sites, the fewer the better.

    definitely the best alternative to NoScript on a Chrome based browser, imo.
     
  5. tlu

    tlu Guest

    Absolutely :thumb: It's actually more flexible than Noscript as you can easily create more fine-grained rules in HTTPSB (well, it's also possible in Noscript via ABE but that's much more complicated and laborious).

    It doesn't have features like an XSS filter or protection against clickjacking but those features are provided by Chrome itself.
     
  6. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    It looks like Raymond is about to release a big update :)
     
  7. apathy

    apathy Registered Member

    Joined:
    Dec 10, 2004
    Posts:
    461
    Location:
    9th Circle of Hell(Florida)
    I would love to see an option to temporarily whitelist domain from the context menu. Some of my extensions like pocket function a little funky when javascript isn't enabled on the current domain. Quickly enabling javascript from the menu would be great.
     
  8. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    You can enable the domain and all related below it with a single click to make the box go dark green. When you want to remove the whitelist, just click on the brush icon - Clear all temporary rules.... although I do realize this action will often spawn other blocked js which may need to be enabled for full site functionality.

    BTW: v0.6.2 is released :thumb:
     
  9. apathy

    apathy Registered Member

    Joined:
    Dec 10, 2004
    Posts:
    461
    Location:
    9th Circle of Hell(Florida)
    Yes that is easy enough to do and I am very familiar with the extension but I'm just talking speed and convenience. Sometimes I quickly want to enable javascript on a domain without going into the extensions gui.
     
  10. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    First of all, Gorhill, much appreciated! Awesome work.

    ^It would be nice if it had a Noscript-like feature where double-clicking the icon allows temporary whitelisting for scripts/specific rule-set per page/tab.
    Perhaps also a setting where you have to enable such a double-click feature explicitly, to avoid temporary whitelisting accidentally.
     
  11. gorhill

    gorhill Guest

    I'm trying NoScript, and I can't see this feature. When I try to double-click the icon, the pop-up menu tries to show. How does it work exactly? I would like to try it to see how easy the feature can transpose in HTTPSB.

    Also I can't find the per-page ruleset on NoScript. I tried the "Allow all this page" menu entry, but clearly global scope permissions are created, as pages in other tabs with similar hostnames were reloaded.
     
  12. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    in Noscript, you can temporarily allow all a website by clicking on the mouse wheel...
     
  13. OuterLimits

    OuterLimits Registered Member

    Joined:
    Nov 13, 2009
    Posts:
    66
    I'm finally getting the hang of this. The tutorials on the wiki page have been a great help to me - Thanks Gorhill

    https://github.com/gorhill/httpswitchboard/wiki

    I'm having a couple of problems where websites work and then when I close the browser and reopen it shows "this webpage has a redirect loop". I pause/turn off HTTPSB load the page then restart HTTPSB to resolve and my permissions had previously been padlocked and remain so. Marketwatch.com is one but I don't see a problem with a quick reload.

    It seems easy enough to just shut it off temporarily rather than needing a pause function especially since when off the box stays on top till its turned on again so you won't forget its off.

    One of the best extensions available for Chrome. I'd never have found it though if it weren't for Wilders since it doesn't have 'script' in the name. When I do a search for 'script' on the Chrome extension start page HTTPSB comes up after maybe a hundred other extensions. I dislike that there is no way to do more granular searches for extensions anyway. As an old telco guy I can appreciate the 'switchboard' part of the name it fits perfectly.
     
  14. gorhill

    gorhill Guest

    Let's try to resolve this. I created an account and I have to say it was quite a challenge to find the proper ruleset to login, and in particular I had to de-blacklist hostnames which are part of the preset blacklists.

    So let's try this recipe:

    Code:
    https%3A%2F%2Fid.marketwatch.com%0A%09wh
    itelist%0A%09%09*%20a248.e.akamai.net%0A
    %09%09*%20barrons.com%0A%09%09*%20d29usy
    lhdk1xyu.cloudfront.net%0A%09%09*%20dowj
    oneson.com%0A%09%09*%20marketwatch.com%0
    A%09%09*%20rpxnow.com%0A%09%09*%20sb.sco
    recardresearch.com%0A%09%09*%20wsj.com%0
    A%09%09image%20*%0A%09blacklist%0A%09%09
    *%20*%0A
    

    Import the above text in the Rule manager. Lock the permissions in the before leaving the browser. (In the Rule manager, just click on each rule you just imported -- I need to work more on this page, it is still a very early version missing lots of functionality.)

    It is a per-page ruleset, so those preset blacklisted hostnames which we must temporarily allow won't be whitelisted outside of the page "https://id.marketwatch.com".
     
  15. apathy

    apathy Registered Member

    Joined:
    Dec 10, 2004
    Posts:
    461
    Location:
    9th Circle of Hell(Florida)
    Thanks gorhill, your extension is the only reason I use Chromium ;)
    Update:

    0.6.3

    Context menu entries:
    To temporarily whitelist all for domain of current page
    To revert temporary permissions
     
  16. OuterLimits

    OuterLimits Registered Member

    Joined:
    Nov 13, 2009
    Posts:
    66
    Wow fantastic! Thanks very much.
     
  17. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    same here, it is the only reason i use Chrome at the moment.

    i like the new features in 0.6.3! :thumb:
     
  18. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,290
    Location:
    EU
    Updated to 0.6.4.
     
  19. bberkey1

    bberkey1 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    244
    Location:
    United States
    Are extensions like "Do Not Track Me" and Adblocker plus" still needed with something like HTTP SB? Seems like within the drop menu I can see the data trackers like google and facebook and I'd assume ads would fall under one of the many permanent black listed sub columns on websites.
     
  20. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    quite an important change as this make HTTP Switchboard a lot more easier to use on pages like the Chrome Webstore, as javascripts are not globally blocked as before.. :thumb:

    from the changelog:
    https://github.com/gorhill/httpswitchboard/wiki/Change-log#064
    ----
    not for me it ain't. :)
    the Switchboard icon tells me at a glance what is happening.
    that is a very neat GUI thing, btw.

    très bon travail sur ce plugin Ray.:thumb:

    let us know if you set up a donation page, i'm in for a few beers! :)
     
    Last edited: Dec 6, 2013
  21. apathy

    apathy Registered Member

    Joined:
    Dec 10, 2004
    Posts:
    461
    Location:
    9th Circle of Hell(Florida)
    The dreaded Chrome bug has been slayed by gorhill. Issue 35 has been beaten and I didn't even notice ;)
     
  22. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    I'm voting this best browser extension of the year :thumb: :)
     
  23. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    quite an achievement, imo! :thumb:
    i've tested this new 0.6.4 version and it passed the tests here:
    http://www.raymondhill.net/httpsb-test/httpsb-test-js-1.html
    and
    https://www.wilderssecurity.com/showpost.php?p=2287519&postcount=245

    totally agree! :)
    this extension, plus the added security of the Chrome sandbox makes this an ideal lightweight privacy and security combo.
     
  24. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    XHR is referring to cross domain HTML requests, right? Is there a way to see more information on that request more easily, to determine if it should be whitelisted?

    ex: I am fine with a.com making XHR to b.com but not c.com. I can't think of a usable UI that allows for this though.
     
  25. gorhill

    gorhill Guest

    The matrix shows the *destination* of the XHR request, so that would be easy for you to allow for XHR request to just b.com but nothing else.

    If you want to allow XHR requests originating from a.com to b.com but nowhere else, than it is a matter of creating a per-site permission for a.com and whitelist XHR for b.com.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.