Anti-exploit testing

This is how dynamic mini filter works, see pic

 

You create the best visual explanations - thank you very much

 

You're welcome. You can also deny javascript in chrome and allow a few high level domains like you home country (for me NL = Netherlands, UE=Europe, COM=commercial, ORG, EDU and NET), this way all script based malware which directs to regions you don't browse website is blocked without having any impact on the browsing experience/functionality.

You can allow individual websites when SCRIPT icon appears url bar.

 

Thanks, gonna try that out.

 

I've done that also thanks.

Much appreciated.

 

uBlock can function well as a script and iframe filter, but one little nuisance (possible - depends upon individual) with it is it does not auto-refresh the page when an iframe or script tag setting is changed from a current status. It means the user will need to refresh the browser every time to see the effects of a change.

 

exploit on the demo page can be blocked by blocking inline script

Also, the new image blocking option in dynamic scripting is very helpful when one needed to block the images

@wat0114, uBlock now has Refresh, when one changes sth on Dynamic filtering.

Attached pic shows inline scripting (for exploit test case demo) and refresh icon in action . And this is from firefox (Still in unofficial beta )

 

It was thirty years ago when I was a software designer. In those days with practically no frameworks and rudimentary service architecture, the most straightforward way to start re-using code, was to break everything into layers and modules (vertically in presentation layer, process layer and data layer, horizontally into 'life cycle' stages/modules like search, list, insert, read, update, delete of function objects/data entitites).

For this old school man it is a horrible practice to embed function logic (javascript) into the presentation layer (HTML, CSS). I would avoid in-line scripts for reasons of transparency and re-use, which should translate into easier/cheaper maintenance and higher performance (modularity increased the chance of a chunk of code being cached).

I am curious whether the old benefits still applies with all these modern frameworks and development environments. Many websites are used just for marketing and sales and have a shorter life cycle as business applications. To me in-line coding feels as breaking with good habits.

 

Yes, I saw that the other day when I was using the new uBlock. Gorhill has done a great job with the improvements he's added to it. Still, I've decided to keep using only uMatrix. I just like it better overall.

 

Yes, uMatrix has more Privacy related options and offers you more granular control.

And am using more firefox now , with uBlock. And validating, if Noscript can be removed from equation with uBlock's dynamic filtering in place. Ofcourse, it does not offer more granular than what we get with uMatrix or Noscript.