New Update JShelter - JavaScript Restrictor

Add-on/Extension Page
https://jshelter.org/
SpiderWeb

SpiderWeb

Level 10
Thread author
Verified
Well-known
Aug 21, 2020
476

Screen Shot 2021-10-03 at 2.57.31 AM.png

JavaScript Restrictor​

JS Restrictor is an anti-malware Web browser extension to mitigate potential threats from JavaScript, including fingerprinting, tracking, and data collection. JShelter is a browser extension to give back control over what your browser is doing. A JavaScript-enabled web page can access much of the browser's functionality, with little control over this process available to the user: malicious websites can uniquely identify you through fingerprinting and use other tactics for tracking your activity. JShelter aims to improve the privacy and security of your web browsing.

Extension is available for Firefox, Chrome and Opera:
jshelter.org

JShelter: Home

An anti-malware Web browser extension to mitigate potential threats from JavaScript, including fingerprinting, tracking, and data collection!
jshelter.org jshelter.org
 
  • Like
  • +Reputation
  • Thanks
Reactions: simmerskool, Tutman, Sunshine-boy and 6 others
Kongo

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,498
The UI is a little confusing. Which profile is activated when i chose "Default" and Profile 2 in the settings? Will it make profile two the default profile for all pages that I access?

General settings:
Unbenannt.PNG

Domain specific settings:
Screenshot 2021-10-03 160823.png

I think when setting it to profile 2 in general settings for example, and setting it to default in domain specific settings, then profile 2 will be the default profile for every website you gonna visit. At least thats how I get it.
 
Last edited:
  • Like
Reactions: The_King, [correlate], Nevi and 2 others
F

ForgottenSeer 92963

@SecureKongo

Could you post what the options are for Domain Specific settings.

What I can see is that it reduces the geo and time accuracy, provides a blank canvas fingerprint and pretends to act as a firewall for javascript and xmlhttprequest (and fetches and Ajax also hopefully). But there is no info on what sort of checks and balances this extension does when acting as a firewall.
 
  • Like
  • +Reputation
Reactions: simmerskool, The_King, [correlate] and 4 others
Kongo

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,498
Kees1958 said:
@SecureKongo

Could you post what the options are for Domain Specific settings.

What I can see is that it reduces the geo and time accuracy, provides a blank canvas fingerprint and pretends to act as a firewall for javascript and xmlhttprequest (and fetches and Ajax also hopefully). But there is no info on what sort of checks and balances this extension does when acting as a firewall.
Click to expand...
Edited my post.

Here are more details about the protection layers: JShelter: Protection levels

I deleted it again as I just wanted to check out the settings. Not sure if it's trustworthy... I will take a deeper look at it later.
 
Last edited:
  • Like
  • Thanks
Reactions: simmerskool, The_King, [correlate] and 4 others
oldschool

oldschool

Level 82
Verified
Top Poster
Well-known
Mar 29, 2018
7,111
Kees1958 said:
But there is no info on what sort of checks and balances this extension does when acting as a firewall.
Click to expand...
It's seems more for protection from fingerprinting than firewall for malware. Their home page is interesting but my initial impression upon installation is that the extension is the work of some students' science project.

Edit: drop-down UI is broken here on Edge. Issue #11
Edit #2: Removed extension since it appears to be useless junk.
 
Last edited:
  • Like
  • Thanks
Reactions: simmerskool, The_King, [correlate] and 4 others
F

ForgottenSeer 92963

Well, XMLHttprequest could be easily misused by downloading Javascript and executing it with Eval. So when they block these types of attacks, it would protect against obscufated third-party javascript execution.

You are right, it seems like a sponsored students project (but the nozzle and sozzle Micosoft javascript sanatizing studies started in the same way and led to major JIT-javascript compilation improvements)
 
  • Like
  • +Reputation
Reactions: simmerskool, Zartarra, The_King and 4 others
F

ForgottenSeer 92963

SecureKongo said:
Edited my post.

Here are more details about the protection layers: JShelter: Protection levels

I deleted it again as I just wanted to check out the settings. Not sure if it's trustworthy... I will take a deeper look at it later.
Click to expand...
Thanks,

It seems trustworthy (considering the sponsor). I am now on travel, without private laptop, will certainly check this out when back.

Thanks for sharing.
 
  • Like
Reactions: simmerskool, oldschool, The_King and 3 others
F

ForgottenSeer 69673

oldschool said:
It's seems more for protection from fingerprinting than firewall for malware. Their home page is interesting but my initial impression upon installation is that the extension is the work of some students' science project.

Edit: drop-down UI is broken here on Edge. Issue #11
Edit #2: Removed extension since it appears to be useless junk.
Click to expand...
There is 3 installer files. One for Firefox, one for Chrome and one for Opera. Which one did you install for Edge?
 
  • Like
Reactions: The_King, [correlate] and Nevi
The_King

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
542
The full list of protections of the levels is found on the project's GitHub page. Network Boundary Shield is enabled by default. It prevents web pages from using the browser "as a proxy between local network and the public Internet".

The protection encapsulates the WebRequest API, so it captures all outgoing requests including all elements created by JavaScript.
Click to expand...
Click to expand...

Closing words​

JavaScript Restrictor works in most modern web browsers. It improves user privacy by limiting access to certain browser APIs, which may be abused by sites for tracking and other forms of attacks. Check out the project's website to find out more about it.
Click to expand...
www.ghacks.net

JavaScript Restrictor: improve privacy by limiting web browser APIs - gHacks Tech News

JavaScript Restrictor is an open s0urce cross-browser extension designed to improved user privacy by limiting access to APIs of web browsers that websites may use when running JavaScript.
www.ghacks.net
 
  • Like
Reactions: Nevi, [correlate], oldschool and 1 other person
eonline

eonline

Level 21
Verified
Well-known
Nov 15, 2017
1,064
  • Like
  • HaHa
Reactions: Nevi, simmerskool, [correlate] and 3 others

Similar threads

oldschool
    • Like
    • +Reputation
Serious Discussion "Fixing" Manifest V3
Replies
3
Views
392
Web Extensions
Virtuoso
Virtuoso
Alhaitham
    • Like
New Update NoScript Security Suite
Replies
16
Views
1,563
Web Extensions
Alhaitham
Alhaitham
CyberTech
    • Like
New Update Google Chrome's new cache change could boost performance
Replies
0
Views
346
Chrome & Chromium
CyberTech
CyberTech

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top