It adds Microsoft controlled afx.ms and gfx.ms to the default whitelist

Oct 29, 2012 12:31 GMT  ·  By

NoScript 2.5.9 has been released recently and the new version integrates a couple of fixes as well as some modifications necessary to keep the application up to date.

The developer added afx.ms and gfx.ms domains to the default whitelist, as they are required by email services from Microsoft; additionally, they are fully controlled by Microsoft and no user content is allowed.

Also new is one XSS (cross-site scripting)-related modification, which consists in the removal of false positives on some Google Gadgets. On the same note, the developer added a new fake mime type placeholder "FRAME" to match FRAMEs and IFRAMES with the “noscript.allowedMimeRegExp” setting.

The repairs included in this release refer to redirections that involved websites marked as untrusted, which caused inconsistencies in the page permissions; the result would be blocking JavaScript regardless of whether the site was whitelisted or not.

Download NoScript