Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upScreenshots for RPC #665
Comments
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
DJ-Leith
Jun 2, 2015
Updating from RP 0.5.xx to RPC continued
Fig-004-Startpage
Fig-005-RPC-Releases-page
Here is the Release page for RequestPolicy 1.0.beta9.3
https://github.com/RequestPolicyContinued/requestpolicy/releases
Click the "requestpolicy-1-0-beta9-3.xpi" link to install.
Fig-006-Welcome-to-RequestPolicy
Next you will see this Welcome screen.
If you have 'an old RP' as in this example you have 'two RP Red flags' (one old one from RP and a new RPC Flag). This is expected as you update (when you have finished and restarted Firefox you will only have the new RPC Flag).
Note: NoScript is blocking about:requestpolicy?setup
add about:requestpolicy to the NoScript Whitelist
Fig-007-NoScript-Whitelist-after-adding-about-requestpolicy
If you are Upgrading, as in this example, click "Configure RequestPolicy".
If you have never used RP I recommend that you use the "Teach me how to use RequestPolicy" button. This will take you to
https://requestpolicycontinued.github.io/Quickstart.html
(Updated 2015-11-09: Old was https://www.requestpolicy.com/tutorial-1.0.html )
Fig-008-Configure-RequestPolicy-default
The defaults (shown) are good.
In this example, I am going to show you how to 'keep the RP Whitelist' we had before the Update.
So, select
"Block requests by default" and "No, don't use subscription policies."
Also, untick "Allow requests to the same domain".
Fig-009-Block-requests-Configure-Default Policy
Then press the "Return to browsing" link.
Now, look at about:addons (either in a New Tab or using the Menu).
Fig-010-Have-two-versions-of-RP
As you can see you still have the 'old RP'. Remove, in this example RP 0.5.29, and Restart Firefox.
Fig-011-After-Removing-the-old-RP-0.5.xx
Note: there is now only one 'RP Flag' - this is normal (you only saw two RP Flags when you had two versions of RP).
Now, click the 'RP Flag' and choose "Manage Policies" you will see this:
Fig-012-Manage-Policies-Your-Policy
Scroll down to see Your Rules.
In this example you might not see any!
Fig-013-The-old-rules-seem-to-have-gone
You might be alarmed. In this screen there are no Active rules!
However, open a New Tab and type about:requestpolicy?oldrules
Fig-014-Import-Old-Rules
Now click "Show re-import options".
Fig-015-The-Old-Rules-about-to-be-Imported
Here you can see the examples: wikimedia and the BBC (in the order from "pref.js").
Next, click the "Import Old Rules" button (at the bottom of the page).
Fig-016-Old-Rules-have-been-Imported
Fig-017-Active-Rules-before-Firefox-was-closed
These rules are saved in "user.json".
Close Firefox:
In "prefs.js" you will find:
user_pref("extensions.requestpolicy.allowedOriginsToDestinations", "wikibooks.org|wikimedia.org wikinews.org|wikimedia.org wikipedia.com|wikipedia.org wikipedia.org|wikimedia.org wikisource.org|wikimedia.org wikiversity.org|wikimedia.org wiktionary.org|wikimedia.org bbc.co.uk|bbci.co.uk bbc.co.uk|bbcimg.co.uk");
The 'old rules' are still in "prefs.js".
Start Firefox and go to about:requestpolicy?yourpolicy
Fig-018-Your-Policy-Active-Rules-after-starting-Firefox
Now, click the "Remove unused rules left over from the old version of RequestPolicy." link.
Fig-019-before-Delete-Old-Rules
Click the "Delete old rules" button.
Fig-020-After-Deleting-Old-Rules
DJ-Leith
commented
Jun 2, 2015
|
Updating from RP 0.5.xx to RPC continued
Here is the Release page for RequestPolicy 1.0.beta9.3 https://github.com/RequestPolicyContinued/requestpolicy/releases Click the "requestpolicy-1-0-beta9-3.xpi" link to install.
Next you will see this Welcome screen. If you have 'an old RP' as in this example you have 'two RP Red flags' (one old one from RP and a new RPC Flag). This is expected as you update (when you have finished and restarted Firefox you will only have the new RPC Flag). Note: NoScript is blocking
If you are Upgrading, as in this example, click "Configure RequestPolicy". If you have never used RP I recommend that you use the "Teach me how to use RequestPolicy" button. This will take you to
The defaults (shown) are good. In this example, I am going to show you how to 'keep the RP Whitelist' we had before the Update. So, select "Block requests by default" and "No, don't use subscription policies."
Then press the "Return to browsing" link. Now, look at
As you can see you still have the 'old RP'. Remove, in this example RP 0.5.29, and Restart Firefox.
Note: there is now only one 'RP Flag' - this is normal (you only saw two RP Flags when you had two versions of RP). Now, click the 'RP Flag' and choose "Manage Policies" you will see this:
Scroll down to see Your Rules. In this example you might not see any!
You might be alarmed. In this screen there are no Active rules!
Now click "Show re-import options".
Here you can see the examples: wikimedia and the BBC (in the order from "pref.js"). Next, click the "Import Old Rules" button (at the bottom of the page).
These rules are saved in "user.json". Close Firefox: In "prefs.js" you will find: Start Firefox and go to
Now, click the "Remove unused rules left over from the old version of RequestPolicy." link.
Click the "Delete old rules" button. |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
DJ-Leith
Jun 3, 2015
Using RequestPolicy with Default Deny and a short Whitelist
I very rarely add Rules - I nearly always use Temporary Rules.
In my usage these Temporary Rules are lost:
- usually when I close Firefox,
- sometimes when I click the "Revoke all temporary permissions" in the RP Menu,
- very rarely by using the UI to stop an individual Temporary Rule.
Fig-021-a-short-Whitelist
Here is a very short Whitelist, NoScript also has a very short Whitelist, in this example.
Note: github.com is NOT on either Whitelist.
Fig-022-The-Default-Policy-is-block-requests
Fig-023-starting-at-RPC-issue-445
Here is the URL: #445
This page looks odd because all requests, even to other pages at github, are blocked by RPC.
Fig-024-Press-the-RP-Flag
All 234 requests from github are still blocked.
Fig-025-About-to-Temporary-Allow-github.com-to-github.com
The first request I am going to Temporary Allow will be from github.com to the same domain github.com. I have clicked the github.com on the left, which has brought the 'list of potential outgoing requests' that RPC is blocking (on the right). I will now Temporarily allow requests from *.github.com to *.github.com.
Fig-026-After-Temporary-Allow-github.com-to-github.com
I clicked on the Tab "the project's website . Issue ..." to close the RPC Menu.
The site refreshed.
You can immediately see the page looks much better. There are still many requests being blocked,
e.g. icons to the right of the "Labels" near the scroll bar. myrdd's icon is also blocked, just below the green "Open" button (on the left).
Fig-027-There-is-now-one-Temporary-Rule
Look at the Rules in the "Your Policy" about:requestpolicy?yourpolicy.
Fig-028-About-to-Temporary-Allow-requests-to-githubusercontent-from-github
The RequestPolicy User Interface (UI) is 'sticky': it allows you to make several selections in one visit. Providing you do not 'click outside the RP menu' all your choices will be selected. When you are finished click the Tab "the project's website . Issue ..."
Starting with the top: avatars3.githubusercontent.com I will Temporary Allow (TA) all except "gravatar.com" (TA 6 domains). So I am Temporary Allowing this page at Github 'to request resources' from all of the githubusercontent sub-domains that are linked to this page. I have not allowed "gravatar.com" so there is still a 'Red RP Flag' showing some requests are being blocked.
Fig-029-All-githubusercontent-has-been-Temporary-Allowed
I also, using NoScript, Temporary Allowed the "Blocked Object" from
FONT@https://assets-cdn.github.com
(see that there are now 0 OBJECTs blocked in the NoScript status area).
You can now see the icons. The site is readable. If you wanted to 'login and make a comment' you might have to use NoScript to allow more JavaScript to run.
Next, look at the Rules in the "Your Policy" Tab on the right about:requestpolicy?yourpolicy.
Fig-030-seven-TA-Rules
Here you can see the 7 TA Rules.
Fig-031-Revoke-all-temporary-permissions
If you click the 'RP Flag' you can quickly delete 'all 7 TA Rules' by clicking
"Revoke all temporary permissions"
If you close Firefox all the Temporary Rules will be forgotten.
DJ-Leith
commented
Jun 3, 2015
|
Using RequestPolicy with Default Deny and a short Whitelist I very rarely add Rules - I nearly always use Temporary Rules.
Here is a very short Whitelist, NoScript also has a very short Whitelist, in this example.
Here is the URL: #445
All 234 requests from github are still blocked.
The first request I am going to Temporary Allow will be from
I clicked on the Tab "the project's website . Issue ..." to close the RPC Menu.
Look at the Rules in the "Your Policy"
The RequestPolicy User Interface (UI) is 'sticky': it allows you to make several selections in one visit. Providing you do not 'click outside the RP menu' all your choices will be selected. When you are finished click the Tab "the project's website . Issue ..."
I also, using NoScript, Temporary Allowed the "Blocked Object" from You can now see the icons. The site is readable. If you wanted to 'login and make a comment' you might have to use NoScript to allow more JavaScript to run. Next, look at the Rules in the "Your Policy" Tab on the right
Here you can see the 7 TA Rules.
If you click the 'RP Flag' you can quickly delete 'all 7 TA Rules' by clicking If you close Firefox all the Temporary Rules will be forgotten. |
DJ-Leith commentedJun 2, 2015
It is easy to add screenshots to Github issues (I'm very new to Github).
In #445 I added a screenshot (here is the comment )
Here is the URL for the screenshot:
https://cloud.githubusercontent.com/assets/12447809/7897773/13f025da-06e1-11e5-890d-89291ebfd48b.jpg
This is 'not much use for the website'. I run many Profiles [1] and I use Classic Theme Restorer to colour (color) the "selected tab" with a specific colour so that I know which Profile I am using. The 'garish purple' tells me that I'm using a profile with an almost empty Whitelist (for both NoScript and RPC).
Below are some screenshots. I have added them to this issue. The URLs are 'automatically generated by Github', just right click and "Open Link in New Tab" to find the URL.
Feel free to use (or ignore) any or all of them without any attribution - you have explicit permission. Feel free to crop them, resize them etc. I have also added text to explain what I did. This is 'full and long winded': I am writing for people who are unfamiliar with RPC.
[1]
"Using Release, ESR, Beta, Aurora, and/or Nightly together."
http://forums.mozillazine.org/viewtopic.php?f=23&t=2821799
Abbreviations and conventions:
RP meaning the original RequestPolicy 0.5.x.x by Justin Samuel.
RPC meaning RequestPolicy Continued v1.0beta9.x
I am using single quotes (') as scare quotes: to indicate that I am conscious that I am using slang, jargon or other imprecise language.
I am using double quotes (" ") when I am making a direct quotation.
Updating from RP 0.5.xx to RPC
Before you start make a copy of your Profile.
In RP 0.5.xx the Whitelist is in "prefs.js" (in your Profile)
In RPC 1.x.x the Whitelist is in "user.json" in the sub-folder ...\Profile\requestpolicy\policies\
e.g. on Windows the Profile might be in this Folder:
C:\Users\UserNameHere\AppData\Roaming\Mozilla\Firefox\Profiles\k4t2y8gr.TestFig-001-RP-0-5-28-1-signed
Fig-002-RPC-0-5-29
Starting with either RequestPolicy 0.5.28.1-signed, or RP 0.5.28,
or RequestPolicy Continued 0.5.29
NoScript is also installed. Both NoScript and RP have short Whitelists in this example.
about:addonsis on both Whitelists (by default) so the 'RP Flag' is grey on the Toolbar (nothing isblocked) and the NoScript icon is showing all scripts are allowed at
about:addons.Fig-003-RP-short-whitelist
The Whitelist, in this example, is very short.
At the moment the Whitelist for RP is stored in the "prefs.js" file in the Profile.
user_pref("extensions.requestpolicy.allowedOriginsToDestinations", "wikibooks.org|wikimedia.org wikinews.org|wikimedia.org wikipedia.com|wikipedia.org wikipedia.org|wikimedia.org wikisource.org|wikimedia.org wikiversity.org|
wikimedia.org wiktionary.org|wikimedia.org bbc.co.uk|bbci.co.uk bbc.co.uk|bbcimg.co.uk");
In this example I allowed all the 'wikipedia family' of sites, to send requests to (in order to collect images from) - "wikimedia.org".
Then I allowed "bbc.co.uk" to send requests to "bbci.co.uk" and also "bbc.co.uk" to send requests to "bbcimg.co.uk".
As I did the BBC after Wikipedia they are recorded in "prefs.js" after the "wikimedia.org" entries.
Continued ...