APIVoid Script Stop

[NoVirusThanks]

We've released APIVoid Script Stop, a browser extension for Chrome and Firefox designed to block third-party scripts:

APIVoid Script Stop for Chrome and Firefox | APIVoid

APIVoid Script Stop is a browser extension that blocks third-party JavaScript on websites by default. Manage allowed and blocked script domains with whitelist, blacklist, and history logs.

www.apivoid.com

The extension blocks third-party scripts by default when a web page is loaded. From the popup, you can view all blocked scripts and allow or block them temporarily (current session) or permanently (whitelist/blacklist).

You can also:

- View a history of blocked scripts (the "Details" button shows the page URL and all third-party scripts blocked)
- Manage your own whitelist and blacklist
- Fully disable the extension for specific websites

To improve usability and compatibility, the extension includes a built-in list of trusted third-party script hosts so that most websites continue to function normally. This behavior can be disabled from the settings page if needed.

All settings can be easily exported and imported across browsers or devices.

No data is sent externally, all works locally in your browser.

Here is a screenshot of the main interface:

Screenshot of the history logs page:

 

[LinuxFan58]

@NoVirusThanks

Great idea, now when enabled it blocks all third-party by default (= whitelist mode), it would be nice to have a blacklist mode (allow by default)

 

[simmerskool]

@NoVirusThanks -- how does it compare with NoScripts which has been around "forever"?? just curious... I installed Stop Scripts too soon for any comment from me.

 

[Zero Knowledge]

NVT version of No_Script = Although the internet is pretty useless without JS and the similar. Maybe good for dangerous websites? Ahem hacker forums?

 

[simmerskool]

installed Stop Scripts and logged into a site that I know needs certain scripts to run in order to login and sure enough the login was blocked from proceeding and it took me a few seconds re rem I had installed SS and looked at its icon and not obvious to me that it had done anything, but clicked it and it opened showing me which 2 URL it had blocked, and I Allowed and and login proceeded. @NoVirusThanks is there an alert, either a popup or a change to icon display to alert of script block. (if it is too small on the icon I might not have noticed it) Also running it with your Browser Protection in linux librewolf.

 

[HarborFront]

uBO is blocking 3rd-party scripts as well. So need this SS extension?

 

[Marko :)]

@NoVirusThanks

Great idea, now when enabled it blocks all third-party by default (= whitelist mode), it would be nice to have a blacklist mode (allow by default)

I'd like to know this too. If it blocks ALL third-party scripts, it's useless as it only breaks websites.

What we need is an extension or uBO filter that is blocking every script except those necessary for websites to function, coming from CDN domains.

 

[LinuxFan58]

@NoVirusThanks

What is also an idea. AdGuard Browser Extensions has an option to reverse the allowlist, meaning AG only works on the domains listed in the allow list.

 

[HarborFront]

I have a display issue (blue text) with this site. If I disabled SS it works without issue

 

[NoVirusThanks]

@HarborFront

Check the "Whitelist" box for "cdn.tailwindcss.com" and it will work fine.

We'll add that host in the list of trusted domains in the next version.

@Marko :)

The extension has an internal list of 200+ trusted domains related to CDN, payment providers scripts (e.g. Stripe), etc.

So important and trusted third-party hosts are auto-allowed to load scripts.

@simmerskool

how does it compare with NoScripts which has been around "forever"??

We have been running it for the past 2 months here, it is working fine and is doing its job (no particular issues and doesn't slowdown pages).

During these past months we also built the internal list of trusted domains to help avoid breaking popular websites.

looked at its icon and not obvious to me that it had done anything

The change of the color of the pinned icon is in the todo list, will probably be green when no scripts have been blocked, and red when at least 1 sript has been blocked.

@Zero Knowledge

Still very useful to block third-party scripts in many occasions, an example is a website has been compromised and loads a injected third-party script. With this extension it will be automatically blocked. We also added a built-in list of trusted domains to avoid breaking website functionalities.

@LinuxFan58

it would be nice to have a blacklist mode (allow by default)

Can be done, will add in the todo list and discuss it soon.

We're limited by DNR rules on FF, so need to think about this too.

only works on the domains listed in the allow list.

You mean like that the extension is automatically disabled on any website, except on the ones specified on a custom list?

 

[Marko :)]

@NoVirusThanks I get that we can disable the extension for website if it's breaking it, but is there an option to report broken domains so they are added to the whitelist from your side?

 

[simmerskool]

uBO is blocking 3rd-party scripts as well. So need this SS extension?

you running ubo in medium mode dynamic filtering? if not, SS can add some protection with perhaps an easier UI

 

[simmerskool]

@NoVirusThanks I get that we can disable the extension for website if it's breaking it, but is there an option to report broken domains so they are added to the whitelist from your side?

...and you can add domain locally to whitelist in the app

 

[Sampei.Nihira]

you running ubo in medium mode dynamic filtering? if not, SS can add some protection with perhaps an easier UI

That's probably not the case.
uBo also blocks third-party frames natively.
I wrote “probably” above because SS would block third-party frames indirectly.
It isn't specified on the extension's page, but it's still likely that SS blocks third-party frames if they also contain third-party scripts.
According to AI, there are at least seven scenarios in which the frame is loaded by SS when it is not loaded by uBo.
Of course, this does not mean that SS is not also useful for blocking third-party frames.
But the browser can still send a request to the third-party domain,
the frame can still be created in the DOM,
and the third-party server can still see the IP address, user-agent, headers, timing, etc.

P.S.

This extension is designed to be less problematic.
Users can thank NVT, as it wouldn't be able to handle NoScript and similar extensions.

 

[LinuxFan58]

That's probably not the case.
uBo also blocks third-party frames natively.
I wrote “probably” above because SS would block third-party frames indirectly.
It isn't specified on the extension's page, but it's still likely that SS blocks third-party frames if they also contain third-party scripts.
According to AI, there are at least seven scenarios in which the frame is loaded by SS when it is not loaded by uBo.
Of course, this does not mean that SS is not also useful for blocking third-party frames.
But the browser can still send a request to the third-party domain,
the frame can still be created in the DOM,
and the third-party server can still see the IP address, user-agent, headers, timing, etc.

P.S.

This extension is designed to be less problematic.
Users can thank NVT, as it wouldn't be able to handle NoScript and similar extensions.

Sampei-san,

i know using Google started to punish websites with lower pagerank when they used (third-party) iframes. What I remember is that by 2010 it was already considered bad practice to build the website with frames (in the early days of web they were used as building blocks or modules, but as soon as frameworks became popular the rational to use iframes as building blocks melted away). Although ChatGPT mentions 2014-2017, but I know for sure in Netherlands it was around 2010 (because I started free lancing as interim manager and my first project was developing a website for myself).

Blocking of third-party iframes is (IMO) overrated and might break important functionality (as explained by ChatGPT what the approved use cases are), since Google found ways to better deal with iframe's SEO-points (value) calculation. But what about the analytics tools which are sometimes put in (third-party) iframes, you will counter? My guess is that the privacy filters will block the scripts calling those analytics tools anyway.

Read the screenprint of ChatGPT's answer below

Long story short answer:
Script Stop blocking only third-party scripts might be as effective as uBo blocking third-party scripts and frames WHEN you have enabled privacy filters in your adblocker.

 

[Sampei.Nihira]

Dynamic filtering: Benefits of blocking 3rd party iframe tags

It’s not just a matter of privacy, but also of security, as the link above highlights.
ChatGPT often makes mistakes.
For example, the nonexistent policy in Chrome……remember?
Why take the risk when there are those who are skilled at managing NoScript, uBo with dynamic filtering, AG with dynamic filtering, uBoL with dynamic filtering……

P.S.

As I mentioned earlier, those who are not comfortable managing the dynamic filtering of the extensions I mentioned earlier can use SS, which offers them a very effective tool for enhancing their privacy and security.

 

[simmerskool]

That's probably not the case.
uBo also blocks third-party frames natively.
I wrote “probably” above because SS would block third-party frames indirectly.
It isn't specified on the extension's page, but it's still likely that SS blocks third-party frames if they also contain third-party scripts.
According to AI, there are at least seven scenarios in which the frame is loaded by SS when it is not loaded by uBo.
Of course, this does not mean that SS is not also useful for blocking third-party frames.
But the browser can still send a request to the third-party domain,
the frame can still be created in the DOM,
and the third-party server can still see the IP address, user-agent, headers, timing, etc.

P.S.

This extension is designed to be less problematic.
Users can thank NVT, as it wouldn't be able to handle NoScript and similar extensions.

good info and agree, on today's VM I'm running Librewolf with ubo + hagezi pro (but not DF) & APIVoid SS & Browser Protection, working well together, and like UI of SS a lot.

 

[simmerskool]

Dynamic filtering: Benefits of blocking 3rd party iframe tags

It’s not just a matter of privacy, but also of security, as the link above highlights.
ChatGPT often makes mistakes.
For example, the nonexistent policy in Chrome……remember?
Why take the risk when there are those who are skilled at managing NoScript, uBo with dynamic filtering, AG with dynamic filtering, uBoL with dynamic filtering……

P.S.

As I mentioned earlier, those who are not comfortable managing the dynamic filtering of the extensions I mentioned earlier can use SS, which offers them a very effective tool for enhancing their privacy and security.

agree again, chatGPT makes mistakes, and SS UI is easier to manage than ubo DF and NoScript but I'm farther removed from NoScript, or more familiar with ubo DF lately. The trick for APIVoid @NoVirusThanks is to keep SS as simple and clean as possible as they make it better.

 

[LinuxFan58]

Dynamic filtering: Benefits of blocking 3rd party iframe tags (By Gorhill

In Dutch we say "the butcher examines his own meat" (and concludes it is the best )

GorHill's post on the benefits of iframe blocking also dates back to 2015 in which SEO specialists started to doubt on the benefits of 3p-frames (according to ChatGPT)

This kind of evidence would not qualify in your old profession

 

[Jan Willy]

Besides black- and whitelists APIVoid SS offers the option to the user to accept or to block each 3p script. That's the point where it isn't simple anymore. Is the average user capable to judge the reliability of a script? I doubt. There's a real chance users make wrong decisions. Or they use the extension only as ordinary filterlists. So I don't really see the added value of SS.