On Sat, 30 Sep 2023 09:18:59 -0500 (CDT) Michael Hennebry <hennebry@xxxxxxxxxxxxxxxxxxxxx> wrote: > On Wed, 27 Sep 2023, stan via users wrote: > > > On Tue, 26 Sep 2023 12:06:46 -0500 (CDT) > > I think it is done by running javascript through your version of > > firefox. Do you have noscript add-on installed? That will block > > any > > Noscript was already installed nand active. > It did not complain. > > > javascript from a site, and you will have to turn on the urls that > > you want to be able to run javascript. I'm not sure how effective > > that would be in this case, since cloudfront.net is often needed > > because many sites use it as their host. But, I expect that the > > problem url would show up differently in noscript, and you would be > > able to leave it disabled. Usually, cloudfront.net is disabled > > automatically for other urls. I'm not willing to test that > > expectation, for obvious reasons. :-) > > I'm not clear on what this means. > The url window showed .cloudfront.net . > > > You could test whether this is the solution by installing noscript, > > shutting down and restarting firefox to clear the cache of allowed > > sites (that is a setting in the privacy tab), and then visiting the > > site again. The site should be blocked, and you can click on the > > I already had noscript installed and it did not complain. > > > noscript icon to see the list of urls that have been blocked from > > running javascript. If you want to experience the thrill again, you > > can allow javascript from the above problem address for > > confirmation. Then, turn it off, and the recovery is what you have > > already discovered. > > Once the site was active, > all I could click on was an always-on application that was already > running. The site seemed to have made firefox > fullscreen and turned off all its buttons. > > Javascript is client-side, correct? > The problem went away after disabling networking. > > Is there a way to tell firefox never to let a website take it > fullscreen? Failing that, is there a way to tell firefox to never go > fullscreen at all? > > An alternative that you could use when visiting dodgy sites is to use firefox profiles. It is as if you are running as a different user when you use one. /usr/bin/firefox --new-instance --ProfileManager will allow you to select, create, and delete profiles. You could create one called darkweb, that has everything locked down, and use it only for visiting dodgy sites. And even then, you could also use a container tab within it, so it is very restricted in its actions and access. Because these profiles are separate instances of firefox, you have to install all the add-ons and customizations for each one. Otherwise, you just get a default firefox instance. I also use them in the opposite way, when I know a website is legitimate, I reduce the security for that site in that profile. On sites like youtube, this helps restrict tracking (a little) when going into the belly of the beast (Google). _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
