cross-posted from: https://lemmy.world/post/31859998
Please see the cross-post as it is updated.
As a security-conscious user, I’ve used NoScript since Firefox’s early days, but its restrictive nature has become frustrating. I’m often forced to go unprotected just to access websites with multiple scripts running on different domains, which defeats the purpose of using NoScript and balances security and usability that it once provided.
Is there a way to block browser JavaScript from executing commands that retrieve sensitive information from my local machine, while still allowing JavaScript that is only used for rendering web pages?
greatly appreciate any insight
cross-posted from: https://lemmy.world/post/31859998
Please see the cross-post as it is updated.
Yes, you can either run the browser in a VM to supply the fake information the VM uses or, if that’s still too real for you, you can download the source code of an open source browser, install its dependencies, remove the java script implementations of the functions that provide that information you want to block or change them to return fake fixed or randomised values, then compile the code yourself and use your custom compiled browser. If you remove those functions, be aware that this will break lots of JS in a way that it will fail unrecoverable. For example, if you remove functions to get the time zone, it will break JS date pickers so early, you won’t be able to select a date on sites that require them to operate.