Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Screenshots for RPC #665

DJ-Leith opened this issue Jun 2, 2015 · 2 comments

Screenshots for RPC #665

DJ-Leith opened this issue Jun 2, 2015 · 2 comments


Copy link

DJ-Leith commented Jun 2, 2015

It is easy to add screenshots to Github issues (I'm very new to Github).

In #445 I added a screenshot (here is the comment )

Here is the URL for the screenshot:

This is 'not much use for the website'. I run many Profiles [1] and I use Classic Theme Restorer to colour (color) the "selected tab" with a specific colour so that I know which Profile I am using. The 'garish purple' tells me that I'm using a profile with an almost empty Whitelist (for both NoScript and RPC).

Below are some screenshots. I have added them to this issue. The URLs are 'automatically generated by Github', just right click and "Open Link in New Tab" to find the URL.
Feel free to use (or ignore) any or all of them without any attribution - you have explicit permission. Feel free to crop them, resize them etc. I have also added text to explain what I did. This is 'full and long winded': I am writing for people who are unfamiliar with RPC.

"Using Release, ESR, Beta, Aurora, and/or Nightly together."

Abbreviations and conventions:
RP meaning the original RequestPolicy 0.5.x.x by Justin Samuel.
RPC meaning RequestPolicy Continued v1.0beta9.x
I am using single quotes (') as scare quotes: to indicate that I am conscious that I am using slang, jargon or other imprecise language.
I am using double quotes (" ") when I am making a direct quotation.

Updating from RP 0.5.xx to RPC

Before you start make a copy of your Profile.
In RP 0.5.xx the Whitelist is in "prefs.js" (in your Profile)
In RPC 1.x.x the Whitelist is in "user.json" in the sub-folder ...\Profile\requestpolicy\policies\

e.g. on Windows the Profile might be in this Folder:



Starting with either RequestPolicy, or RP 0.5.28,
or RequestPolicy Continued 0.5.29

NoScript is also installed. Both NoScript and RP have short Whitelists in this example.
about:addons is on both Whitelists (by default) so the 'RP Flag' is grey on the Toolbar (nothing is
blocked) and the NoScript icon is showing all scripts are allowed at about:addons.


The Whitelist, in this example, is very short.
At the moment the Whitelist for RP is stored in the "prefs.js" file in the Profile.

user_pref("extensions.requestpolicy.allowedOriginsToDestinations", "|||||||||");

In this example I allowed all the 'wikipedia family' of sites, to send requests to (in order to collect images from) - "".
Then I allowed "" to send requests to "" and also "" to send requests to "".
As I did the BBC after Wikipedia they are recorded in "prefs.js" after the "" entries.

Continued ...

Copy link

DJ-Leith commented Jun 2, 2015

Updating from RP 0.5.xx to RPC continued


Here is the Release page for RequestPolicy 1.0.beta9.3

Click the "requestpolicy-1-0-beta9-3.xpi" link to install.


Next you will see this Welcome screen.

If you have 'an old RP' as in this example you have 'two RP Red flags' (one old one from RP and a new RPC Flag). This is expected as you update (when you have finished and restarted Firefox you will only have the new RPC Flag).

Note: NoScript is blocking about:requestpolicy?setup
add about:requestpolicy to the NoScript Whitelist


If you are Upgrading, as in this example, click "Configure RequestPolicy".

If you have never used RP I recommend that you use the "Teach me how to use RequestPolicy" button. This will take you to
(Updated 2015-11-09: Old was )


The defaults (shown) are good.

In this example, I am going to show you how to 'keep the RP Whitelist' we had before the Update.

So, select

"Block requests by default" and "No, don't use subscription policies."
Also, untick "Allow requests to the same domain".

fig-009-block-requests-configure-default policy
Fig-009-Block-requests-Configure-Default Policy

Then press the "Return to browsing" link.

Now, look at about:addons (either in a New Tab or using the Menu).


As you can see you still have the 'old RP'. Remove, in this example RP 0.5.29, and Restart Firefox.

fig-011-after-removing-the-old-rp-0 5 xx

Note: there is now only one 'RP Flag' - this is normal (you only saw two RP Flags when you had two versions of RP).

Now, click the 'RP Flag' and choose "Manage Policies" you will see this:


Scroll down to see Your Rules.

In this example you might not see any!


You might be alarmed. In this screen there are no Active rules!
However, open a New Tab and type about:requestpolicy?oldrules


Now click "Show re-import options".


Here you can see the examples: wikimedia and the BBC (in the order from "pref.js").

Next, click the "Import Old Rules" button (at the bottom of the page).



These rules are saved in "user.json".

Close Firefox:

In "prefs.js" you will find:
user_pref("extensions.requestpolicy.allowedOriginsToDestinations", "|||||||||");
The 'old rules' are still in "prefs.js".

Start Firefox and go to about:requestpolicy?yourpolicy


Now, click the "Remove unused rules left over from the old version of RequestPolicy." link.


Click the "Delete old rules" button.

Copy link

DJ-Leith commented Jun 3, 2015

Using RequestPolicy with Default Deny and a short Whitelist

I very rarely add Rules - I nearly always use Temporary Rules.
In my usage these Temporary Rules are lost:

  • usually when I close Firefox,
  • sometimes when I click the "Revoke all temporary permissions" in the RP Menu,
  • very rarely by using the UI to stop an individual Temporary Rule.


Here is a very short Whitelist, NoScript also has a very short Whitelist, in this example.
Note: is NOT on either Whitelist.



Here is the URL: #445
This page looks odd because all requests, even to other pages at github, are blocked by RPC.


All 234 requests from github are still blocked.

fig-025-about-to-temporary-allow-github com-to-github com-crop

The first request I am going to Temporary Allow will be from to the same domain I have clicked the on the left, which has brought the 'list of potential outgoing requests' that RPC is blocking (on the right). I will now Temporarily allow requests from * to *

fig-026-after-temporary-allow-github com-to-github com

I clicked on the Tab "the project's website . Issue ..." to close the RPC Menu.
The site refreshed.
You can immediately see the page looks much better. There are still many requests being blocked,
e.g. icons to the right of the "Labels" near the scroll bar. myrdd's icon is also blocked, just below the green "Open" button (on the left).


Look at the Rules in the "Your Policy" about:requestpolicy?yourpolicy.


The RequestPolicy User Interface (UI) is 'sticky': it allows you to make several selections in one visit. Providing you do not 'click outside the RP menu' all your choices will be selected. When you are finished click the Tab "the project's website . Issue ..."
Starting with the top: I will Temporary Allow (TA) all except "" (TA 6 domains). So I am Temporary Allowing this page at Github 'to request resources' from all of the githubusercontent sub-domains that are linked to this page. I have not allowed "" so there is still a 'Red RP Flag' showing some requests are being blocked.


I also, using NoScript, Temporary Allowed the "Blocked Object" from
(see that there are now 0 OBJECTs blocked in the NoScript status area).

You can now see the icons. The site is readable. If you wanted to 'login and make a comment' you might have to use NoScript to allow more JavaScript to run.

Next, look at the Rules in the "Your Policy" Tab on the right about:requestpolicy?yourpolicy.


Here you can see the 7 TA Rules.


If you click the 'RP Flag' you can quickly delete 'all 7 TA Rules' by clicking
"Revoke all temporary permissions"

If you close Firefox all the Temporary Rules will be forgotten.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet

No branches or pull requests

1 participant