Latest localized version of the extension: 1.5.2
Official extension site
Addons Mozilla.org

Changes:

1.5.2
====
x Fixed unwanted blocking of some trusted Java applets (thanks Mick Bramhall for report)

1.5.1
====
x Slightly revised icon set (thanks Karlosak and WAPCE for hints)
x Fixed bookmarklets invoked twice on untrusted sites (thanks al_9x)

1.5
====
+ Slovenian translation (thanks Tomaž Mačus)
x Special bookmark management made compatible with Suiterunner's sidebar (thanks therube for reporting)
x Extra QA for release

1.4.9.9
====
x Bookmarklet handling code adapted again to cope with methods moved from PlacesUtils to PlacesUIUtils after Fx 3 beta 4

1.4.9.8
====
+ Prevention of Java applet same origin policy bypass via malformed class name (see http://tinyurl.com/2u387t)
+ Improved icons
x Fixed chrome "domain" showing in menus (thanks Aerik)

1.4.9.7
====
+ New noscript.allowURLBarJS about:config preference allows javascript: and data: URLs to be run interactively from the location bar, e.g. for bookmarklet testing, even if currently displayed site is not whitelisted (default true)
+ Improved overall bookmarklet compatibility on Firefox 3
x Adapted bookmarklet handling code to latest Places refactoring with openXXX() methods in PlaceUtils (thanks Tobu for report)

1.4.9.6
====
x Fixed "Forbid chrome:" menu items on some pages (thanks niko322)

1.4.9.5
====
x Version bump for Firefox 3.0b5pre

1.4.9.4
====
+ Added client-side policy control for new Firefox 3 cross-site XHR, configurable via noscript.forbidXHR about:config preference:
  0 - Allow any XHR
  1 - Allow cross-site XHR across trusted sites only (default)
  2 - Allow same-site XHR only (like Firefox 2)
  3 - Forbid all XHR

1.4.9.3
====
x Fixed Firebug JS injection causing blocked IFrame
x Fixed plugin document detection making Acrobat Reader plugin hang

1.4.9.2
====
x Minor InjectionChecker enhancements

1.4.9.1
====
x Reduced vertical size of NoScript options panel for better usage on constrained devices (thanks pstepper for report)

v 1.4.9
====
+ Improved Silverlight object identity based on "source" param

v 1.4.8
====
+ Better differentiation of Flash-based movie players and other general purpose plugin content instances by taking into account flashvars attributes and param elements.
+ Improved Silverlight placeholders, now shown in real time and supporting more activation schemes

v 1.4.7
====
+ Safe Silverlight placeholders restored by emulating the IsVersionSupported() machinery (placeholders are usually delayed by 3 secs or more)

v 1.4.6
====
x Silverlight plugin objects in content blocking mode made completely disabled (not just content-less) until they're allowed per-page
x Work-around for a conflict with the PDF Download extension (thanks greenknight for report)

v 1.4.5
====
x Fixed Silverlight unblocking hooks not working if all kinds of plugin content and IFrames are blocked (thanks al_9x for report)

v 1.4.4
====
+ Content unblocking machinery made compatible with new Silverlight activation schemes (thanks al_9x and Alan Baxter for report)

v 1.4.3
====
+ Further fuzzification of injection checker patterns
x Slightly released window.name checks to allow some legitimate frame tricks, e.g. in eBay Cross-promotions (thanks jlovie for report)
x External URI validation decoding changed to accommodate ISO-8859 and other encodings, rather than UTF-8 only (thanks Alf Buchheim)

v 1.4.2
====
+ Bookmarklet return values support on Mozilla trunk
x Fixed mailto: empty URL (new mail message) considered invalid

v 1.4.1
====
x Fixed "onclick.match is not a function" issue when clicking on named anchors with no href (thanks wangyi6854 for report)

v 1.4
====
+ Updated translations
x Revised window.name injection checks to be more lenient on GModules
x Extra QA for release
x Fixed about dialog size to correctly show contributor list in any language

v 1.3.8
====
x Fixed eMusic incompatibilities (thanks Mel Reyes)

v 1.3.7
====
+ Added wildcard type entry in Blocked Objects temporary allow menu
x Fixed minor bugs in Blocked Objects menu early implementation

v 1.3.6
====
+ Descriptive icon for content types when possible on object placeholders and menu items
x Improved CSS injection rules (thanks Azurite for report)

v 1.3.5
====
+ More consistent plugin content temporary permissions management: object permissions are granted per-session (not bound to the current tab anymore) and honor the "Revoke Temporary Permissions" command.
+ "Temporary allow content-type@http://site.com" commands in the "Blocked Objects" menu temporarily allow plugin content matching a certain mime type (e.g. shockwave-flash) on the whole site.
x Increased readability of the "Blocked Objects" menu by using plain font style instead of italics even if permissions are temporary
x Reduced console pollution on Linux
x Work-around for XPathResult not working in sandboxed bookmarklets

v 1.3.4
====
+ "Blocked Objects" menu to temporarily allow plugin content even when placeholder is hidden or not easy to see
+ "Block every object coming from a site marked as untrusted" option in Plugins tab (checked by default)
x Further XSS filter sensibility refinement
x Fixed double separators sometimes in menus (thanks niko322)
x Fixed "StumbleUpon Discovery" not compatible with "Forbid IFrames" (thanks niko322)
x Fixed URI protocol handler protection removing mailto: line breaks (thanks Alf Buchheim)

v 1.3.3
====
x Allow data: URIs in script src attributes on trusted sites (thanks Kravvitz for report)
x Fixed "a.getAttribute is not a function" issue (thanks wangyi6854 for report)

v 1.3.2
====
+ Scriptless support for history.go(x), history.forward() and history.back() links/buttons (thanks timeless for suggestion)
+ resource: URI path traversal protection
+ New "noscript.allowedMimeRegExp" about:config option to whitelist some content types not to be blocked by "Forbid other plugins", for instance "application/pdf" or "image/.*"
+ Plugin content is always forbidden if coming from sites explicitly marked as "Untrusted" (blacklisted). This behavior can be disabled by setting the "noscript.alwaysBlockUntrustedContent" about:config option to false (thanks NakedStranger for suggestion).
x Fixed XSS false positive at mail.yahoo.com
x noscript.jsredirectFollow preference more effective on blank but not empty (i.e. space only) body (thanks timeless for suggestion)

v 1.3.1
====
x Fixed missing plugin content placeholder regression on some gaming sites (thanks Aerik and hewee for report)

v 1.3
====
+ "Revoke temporary permissions" command in NoScript floating menus
+ Fixed plugin content placeholder sometimes missing on background tabs Linux issue (thanks WAPCE for report)

v 1.2.9.6
====
+ Better plugin content placeholder management
+ noscript.canonicalFQDN about:config preference to control canonicalization of domains ending with a dot.
+ Updated translations

v 1.2.9.5
====
+ Transparent blocking of non-text frames (thanks sam41177878)

v 1.2.9.4
====
+ Tweaked preliminary URL screening optimizations to enhance Injection Checker sensibility (thanks Gareth Heyes)

v 1.2.9.3
====
+ Updated Injection Checker to take into account upper Unicode JavaScript identifiers (thanks Gareth Heyes)

v 1.2.9.2
====
x Further reduced false positives with post-syntax danger checks

v 1.2.9.1
====
x Fixed issues with trans-domain redirections, stacking entries in the previously viewed site's menu (thanks Hanspeter Spalinger)

v 1.2.9
====
x Set noscript.jsredirectFollow default to false
x Extra QA for release

v 1.2.8
====
+ Injection Checker optimization on very long query strings
x Fixed OpenId XSS false positive on blogger.com (thanks dondado)

v 1.2.7
====
x Fixed Yahoo search XSS false positive by double checking valid JS fragments for potential danger (10x firefoxisgreat2008 for report)
x Fixed the "form fields forgotten" issue by disabling the jsHack feature which caused it. If you need jsHack and you can afford this problem, just set the noscript.jsHackRegExp about:config preference to a regular expression matching the URLs where you want it enabled
x Fixed content placeholders not showing on some sites
x Fixed POST payload shouldn't stripped as a consequence of injection checking (thanks theiago for report)

v 1.2.6
====
x Updated localizations
x Extra QA for release

v 1.2.5
====
x Work-around for conflict with Tab Mix Plus dev. in Fx 3's Places (http://tmp.garyr.net/forum/viewtopic.php?t=8052)

v 1.2.4
====
x Fixed NOSCRIPT content shown in pages allowed on the fly with "Temporarily allow top-level sites" (thanks Pirlouy for report)

v 1.2.3
====
+ Improved Injection Checker JSON compatibility, now recursively checking content of string attributes
x Further JS syntax check optimizations
x Fixed potential XBL-based crash after successful -moz-binding injection (thanks Gareth Heyes for reporting)
x More discreet XSS notification for subframes

v 1.2.2
====
x Changed noscript.filterXGetRx default to make single quote removal happen only after positive injection checks (thanks sirdarckcat for suggestion)

v 1.2.1
====
x Fixed placeholder not shown for plugin content loaded in frames (thanks Apoc2400)
x Revised InjectionChecker made compatible with JSON GET parameters (thanks "Wilderness Of Mirrors")

v 1.2
====
+ Better protection against Flash-based XSS and other plugin-related cross-site attacks
+ Better feedback for allowable sites from embedded redirections (thanks Leo Häfliger for report)
+ XSS filtering in subframes gets notified (was silent by default)
x Fixed temporary allowed site prevents parent from being allowed permanently (e.g. in auto-allow mode)
x Fixed stand-alone WM plugin pages delayed blocking (thanks therube)
x Extra QA for release
x Updated localizations

v 1.1.9.9
====
+ Hardened injection checker (thanks Gareth Heyes)
x Better compatibility with Wikimedia sites
x Fixed rtsp: and mms: plugin content always considered untrusted (thanks Florian Gerstenlauer for report)
x Fixed one-click plugin activation (with no confirmation) sometimes deferred to next page refresh (thanks Erwin J. Knöll for report)

v 1.1.9.8
====
+ Experimental noscript.jsHack about:config preference containing JS code to be executed before page loads in order to accommodate for missing features (default implants a fake urchinTracker, see http://forums.mozillazine.org/viewtopic.php?p=3183986#3183986)

v 1.1.9.7
====
+ new "Revoke temporary permissions" command
+ new Plugins option: "Collapse blocked objects"
+ new Plugins option: "No placeholder for object coming from sites marked as untrusted"
x Fixed OBJECT count bug when placeholders are not shown
x Work-around for IETab incompatibility with noscript.contentBlocker

v 1.1.9.6
====
x Object placeholder rendering optimization
x Extra QA for release

v 1.1.9.5
====
+ Plugins disabled by default on unknown sites
x References to "Macromedia Flash" changed into "Adobe Flash"
x Fixed wrong OBJECT count reported after 1st notification

v 1.1.9.4
====
+ XBL protection compatible with extensions using XMLHttpRequest from a content-triggered event handler (e.g. Book Burro or PriceDrop)

v 1.1.9.3
====
+ non-destructive cross-site XBL protection (handles the same case as https://bugzilla.mozilla.org/show_bug.cgi?id=387971)
x Better edge-case handling in invisible links detection (thanks Alexander Nikkta)

v 1.1.9.2
====
+ Pre-scan optimization for unicode-escaped ASCII in InjectionChecker
+ Better compatibility with URLs containing HTML entities

v 1.1.9.1
====
x Work-around for Minefield content policy / DOM interaction regression (thanks mmortal03)

v 1.1.9
====
x Extra QA for release
+ Menu rendering speed optimizations
+ Emulated TLD Effective service up to 100x speedup
+ InjectionChecker performance up to 50x speedup (thanks therube)
+ Fixed leak regression from 1.1.8.3 redirection handling refinements (thanks L. David Baron)
x Fixed Firefox notifications not shown if NoScript notifications were suppressed (thanks gecco)

v 1.1.8.9
====
x Fixed content-blocking regression (thanks L.A.R. Grizzly)

v 1.1.8.8
====
x Better Google Toolbar compatibility (thanks brandonksu)

v 1.1.8.7
====
+ More consistent and compatible bottom notification bar

v 1.1.8.6
====
+ "Notifications" option to change message bar automatic hiding delay
x Fixed multiple profile problems on SeaMonkey (thanks therube)
x Fixed incompatibility with Translation Panel and other extensions (regression from 1.1.8.5 beta)

v 1.1.8.5
====
+ Improved HTML attribute injection checks (thanks Gareth Heyes)
+ More flexible noscript.forbidXBL about:config preference:
  0 - allow all XBL
  1 - allow trusted and data: (Fx 3) XBL on any site
  2 - allow trusted and data: (Fx 3) XBL on trusted sites
  3 - allow only trusted XBL on trusted sites
  4 - allow only trusted XBL from the same site or chrome (default)
  5 - allow only chrome XBL

v 1.1.8.4
====
x Fixed installation issue on SeaMonkey (thanks R.N. Folsom)