-
-
Notifications
You must be signed in to change notification settings - Fork 91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for container tabs #218
base: main
Are you sure you want to change the base?
Conversation
0af5864
to
08bd914
Compare
Does this mean that if I have set a site trusted, it won’t be trusted anymore in containers? While being able to configure different policies per container is a nice feature, I think in most cases if one trusts a site, and then it trusts it in all containers, the containerless policies should continue to apply in containers unless specifically overridden. |
Thanks, you make a good point. The reason why I had it that way is that the default permissions list is quite long, and it can be laborious to clear the list for every container if desired. (Some users' containers can number in the 10's or more) Using the containerless policy is the better default, true. Perhaps I could add a "clear" button to the Per-site Permissions tab, which clears the selected container's rules (after a confirmation prompt). |
Just added a commit on default container policies. Whenever a new container is created, it will now take on the policies of the default container. However, changes made to any container's policy will not propagate to other containers. I think that is a good balance. Note that this is more permissive than plugins like Cookie AutoDelete which default to blocking everything for each new container. Since NoScript has a default allowlist, I suppose it makes sense to propagate it to new containers, but it could be unexpected behavior for some users. |
a5e67a6
to
cf84091
Compare
It can be laborious the other way round as well: I have for example half a dozen containers for Google stuff, and Google has quite some domains (*.google.com, gstatic.com, googlevideo.com, youtube.com, blogger.com etc., let alone country-specific domains like google.co.uk). If Google decides to load things from yet another domain, say alphabet.com, I have to go through each container to add it. If I trust Google won’t load viruses in container A, it won’t load them in container B either. |
Yeah it can get laborious. Right now the best way to copy configs across containers is to edit the ContextStore json from the debug menu. I could imagine defining a set of profiles ("Google", etc.) and assigning containers (firefox-container-1, firefox-container-2, etc.) to different profiles. However, this seems needlessly complicated. Probably a better way is to add a "copy profile from..." dropdown in the options that copies the profile from a selected container. Would that work for you? There is the question of what to copy – ideally it would append/update rather than replace the current profile's settings, but this makes things tricky in terms of managing conflicts. Perhaps it should merge the site list and replace all other settings. |
I added a selector in options.js to copy another container's profile to the currently viewed container. The new profile just replaces the current profile right now. It's possible to have the site lists merge/update, but that could be needless complexity. There is another issue with the settings: each container has a separate Policy instance and thus its own preset customizations. I don't think there's a need to have different presets for each container, so ideally the containers should mirror the default container's presets. I just need to find a good way to make that happen. |
3dd71b3
to
960db3f
Compare
8d8bb4c
to
7e29b2c
Compare
I reverted commit aaronkollasch@8d8bb4c which switched This caused reliability issues as the TabCache didn't always have the Perhaps I could add a TabCache update or |
Instead of getting the The current tab or TabCache are used if |
3522ca6
to
4c451bb
Compare
I've covered the features I can think of, so I'm going to mark this as ready for review. Some to-do's remaining are:
Also, as @jtotht mentioned earlier, adding the I've been daily driving NoScript with these changes for about a month now, and can say I've found container-specific permissions really useful, as there are a bunch of sites I use but don't want to allow everywhere. So I now find myself reflexively clicking the disable restrictions button less often :) |
15fd4f6
to
bda83f4
Compare
Just rebased on main – I merged all commits to make rebasing easier. The original pull request's commit history, based on 11.2.12rc3 (4cfdebd), is now saved in a separate branch: container-tabs-original and its nscl submodule. |
@aaronkollasch just tried this and so far a simple test seems to do what I was looking for: trust domains per container. Sweet! Let me know if I can help with testing or development. |
98bebbc
to
35d489d
Compare
a578ed7
to
c7bf7f0
Compare
Can this be merged? |
35d489d
to
d555c9e
Compare
Any chance we can maybe push this to be reviewed for potential merging? Been following this PR for a while and would love to see it gets merged as I use both container tabs and noscript fairly heavily, and would love to see them working together ;))) Anything I can do? |
I switched to a multi-instance multi-profile method of working. Made a script to manage it, save cookies in my dotfiles git repo ($HOME/.gitignore = '*'). Been working pretty good. :) Easily shared between linux and macos at least.
|
d555c9e
to
3585253
Compare
This PR adds support for Firefox containers (#5, #166).
src/bg/RequestGuard.js
use the correct policy for each request.