Group: Free Software Foundation/Tasks/ModifyNoScript

From LibrePlanet
Jump to: navigation, search
(== GNU LibreJS == GNU LibreJS is the first -and currently the only- project which implements the desired behaviour. * [https://www.gnu.org/software/librejs/ GNU LibreJS homepage])
 
(26 intermediate revisions by 10 users not shown)
Line 1: Line 1:
== The task ==
+
:''Note: a lot of discussion is taking place at [[Group talk:FSF/Tasks/ModifyNoScript]].''
  
* http://www.fsf.org/tasks/noscript
+
== The Task: Block non-free javascript ==
 +
 
 +
Many websites try to send non-free javascript to you when you browse them.  Most web-browsers, including free software ones, automatically execute this javascript.  Which leads to the problem of running non-free software without having had the choice or being aware of it.  This problem is described in more detail in Richard Stallman's essay [http://www.gnu.org/philosophy/javascript-trap.html The JavaScript Trap].
 +
 
 +
== GNU LibreJS ==
 +
 
 +
GNU LibreJS is the first -and currently the only- project which implements the desired behaviour.
 +
 
 +
* [https://www.gnu.org/software/librejs/ GNU LibreJS homepage]
 +
 
 +
Mailing lists:
 +
* https://lists.gnu.org/mailman/listinfo/bug-librejs - main list, includes development general discussion
 +
* https://lists.gnu.org/mailman/listinfo/help-librejs - includes user discussion
 +
* http://lduros.net/cgi-bin/mailman/listinfo/librejs - Old, no longer used
  
 
== Interested parties ==
 
== Interested parties ==
Line 7: Line 20:
 
(Add your name, perhaps a link to your userpage) and some way for people to contact you.
 
(Add your name, perhaps a link to your userpage) and some way for people to contact you.
  
[[User:nvjacobo]] jacobo[at]gnu[dot]org
+
# '''[[User:lduros]]''' lduros[at]member[dot]fsf[dot]org
 +
# '''[[User:nvjacobo]]''' jacobo[at]gnu[dot]org
 +
# '''Caz Downing-Bryant''' [[User:Vonkow/Profile]] caz[at]vonkow[dot]webfactional[dot]com
 +
# '''dmonhntr''' kt54speed \\ at \\ ymail \\ dot \\ com
 +
# '''Ben''' [dh]{at}[fsf]{dot}[com]
 +
# '''Luisvega''' vega{at}member{dot}fsf{dot}org
 +
# '''EduardoFreitas''' eduardofilipef [at] gmail [dot] com
 +
# '''Esetzer''' use email address at top of [http://eliot-setzer.ni.yoru.to/resume/0.xhtml my resume]
 +
 
 +
==Navigating the NoScript source code==
 +
 
 +
You can download the source code of noscript here:
 +
 
 +
* https://addons.mozilla.org/en-US/firefox/downloads/latest/722/addon-722-latest.xpi
 +
 
 +
It seems to be written in javascript, and the majority of the code is in a zip-file called ''noscript.jar'' in the "chrome" directory.
  
'''Caz Downing-Bryant''' [[User:Vonkow/Profile]] caz[at]vonkow[dot]webfactional[dot]com
+
(RequestWatchdog.js seems to be the file that checks requests, and may be the one that we need to modify -Caz)
  
I have a number of ideas of how best to accomplish this task. NoScript operates by blocking the execution of any script not served from a user-defined white-list of sites. I am still not entirely sure how deeply it inspects a script before allowing its execution, but I do not believe that it currently has the ability to determine whether a script is trivial or non-trivial.
+
==dmonhntr's Modified NoScript==
  
What is needed, I believe, is a method of identifying JavaScript that is Free Software and allowing its execution. To that end I am currently working on a Firefox Extension that can detect and display uncompressed source code and license information for embedded JavaScript. In addition, the extension can be set to block the execution of non-free JavaScript (though it is yet unable to detect trivial vs non-trivial scripts). I'm still ironing out the details, but I am quite close to creating a standards-compliant method of easily embedding license and source code information for browser JavaScript.
+
* http://webpages.charter.net/kidzplay/NoScript/FreeScript/freescript%20v0.2.0b.xpi (updated 14:36, 9 September 2011 (EDT))
  
NoScript does not yet have in-built support for subscribing to externally updated lists of permitted sites, however it is relatively easy to emulate this functionality using additional Firefox Extensions. The lead developer of NoScript has stated that he is hesitant to add this functionality to NoScript itself, as a master list of blocked domains would require political decisions as to which sites should be allowed. For the Free Software community, this is not an issue as the litmus test for a site is simply whether it serves Free JavaScript or not.
+
dmonhntr's Test Page:
  
With a community maintained NoScript white-list of websites that use properly licensed and sourced Free JavaScript and an extension that can display the license and source information (such as the one I am working on), I believe that we can create an effective way of protecting the user's software freedom within the web browser.
+
* http://webpages.charter.net/kidzplay/NoScript/overallTest/overallTest.htm
  
I will have a fully working prototype of this idea relatively soon and will post further details at that time.
+
dmonhntr's Trivialness Script:
  
Thoughts, questions, comments?
+
* http://webpages.charter.net/kidzplay/NoScript/trivial.htm
  
-Caz
+
If you have any questions about the dmonhntr stuff above, just email me (dmonhntr) at address above.

Latest revision as of 15:36, 31 December 2012

Note: a lot of discussion is taking place at Group talk:FSF/Tasks/ModifyNoScript.

The Task: Block non-free javascript

Many websites try to send non-free javascript to you when you browse them. Most web-browsers, including free software ones, automatically execute this javascript. Which leads to the problem of running non-free software without having had the choice or being aware of it. This problem is described in more detail in Richard Stallman's essay The JavaScript Trap.

GNU LibreJS

GNU LibreJS is the first -and currently the only- project which implements the desired behaviour.

Mailing lists:

Interested parties

(Add your name, perhaps a link to your userpage) and some way for people to contact you.

  1. User:lduros lduros[at]member[dot]fsf[dot]org
  2. User:nvjacobo jacobo[at]gnu[dot]org
  3. Caz Downing-Bryant User:Vonkow/Profile caz[at]vonkow[dot]webfactional[dot]com
  4. dmonhntr kt54speed \\ at \\ ymail \\ dot \\ com
  5. Ben [dh]{at}[fsf]{dot}[com]
  6. Luisvega vega{at}member{dot}fsf{dot}org
  7. EduardoFreitas eduardofilipef [at] gmail [dot] com
  8. Esetzer use email address at top of my resume

Navigating the NoScript source code

You can download the source code of noscript here:

It seems to be written in javascript, and the majority of the code is in a zip-file called noscript.jar in the "chrome" directory.

(RequestWatchdog.js seems to be the file that checks requests, and may be the one that we need to modify -Caz)

dmonhntr's Modified NoScript

dmonhntr's Test Page:

dmonhntr's Trivialness Script:

If you have any questions about the dmonhntr stuff above, just email me (dmonhntr) at address above.

Retrieved from "https://libreplanet.org/wiki?title=Group:Free_Software_Foundation/Tasks/ModifyNoScript&oldid=27458"