So, I am one of those old school types who mains with Firefox and Noscript. And also a filthy casual that just goes on lemmy.world. But half the images are broken because I’m expected to allow scripts on like 30+ sites to see most of the posts. I’m literally expected to allow /all/ the scripts from a domain just so I can see a dang picture behind the thumbnail. That’s the entirety of the scripting needed. That seems ridiculous. Is there, I don’t know, a server/way that makes it so I don’t have to blanket allow all these scripts? To put it in meme form (not sure I’m doing it right, never seen the show): “It’s an image of a banana Michael, what should it take, one Raspberry Pi running Docker?”
That looks cherry picked or very lucky. Can you show me a screenshot of Firefox with NoScript and allowing only lemmy.world and ANY other image from the first five results of the home page? My result? “The American Dream” discuss.online - BROKEN “We are way overdue for an open source 2d printer” sub.wetshaving.social - BROKEN “We never stood a chance.” ani.social - BROKEN “literally useless” lemmy.blahaj.zone - BROKEN “Anime Recommendations” lemmy.dbzer0.com - Works (the one you show)
nothing about this is cherry-picking. it’s simply how lemmy works. there are no remote js sources. lemmy-ui even sets security headers that prevent loading js from third party domains.
So, why does your image show the ani.social and mine doesn’t? Remember I said Firefox. Sorry, too many years in dealing with these kinds of issues. Please show me a screenshot of the top of the browser so I can see it is Firefox and also expand out the noscript extension like you did before and show me the ani.social image expanded. I know your first image had a window header that did not look like Firefox. In fact you mentioned “tor browser” and I want to make sure we are talking apples to apples.
honestly at this point I don’t consider it worth continuing the discussion here, as it doesn’t seem that you understand enough of what you’re talking about, despite your claims of dealing with it for “years”, yet you keep implying that i’m likely the one being wrong or even lying/misrepresenting things.
the second screenshot is from the same browser as the first, both are in firefox, using the tor browser variant in safest mode, which blocks even more than the average noscript installation in firefox. tor browser is a hardened variant of firefox esr. if it works in tor browser without loading js from third parties it’ll very much do so in any other browser. the screenshot is from macos, which is probably why you’re not used to it, but that’s just what firefox on macos looks like. this is my standard firefox install:
besides, if lemmy was loading and executing javascript from other instances, this would be a massive security issue, which is yet another reason why your claim of loading js from other instances is ludicrous for someone who knows how these things work, at least when you keep insisting on it.
as i mentioned before, noscript is not an extension that is easy to use without some basic understanding of how websites work. if you’ve been having issues for years due to not understanding these things and how to deal with them properly that suggests that it’d probably be better for you to just switch to something like ublock origin with anti-tracking filter lists if you’re not planning to spend some time learning how websites work and what the different types of blocked resources do.
i don’t even see how you would be blocking images with noscript, as there doesn’t even seem to be an option for it. unless of course you’re confusing noscript with something like umatrix, which does allow blocking images by default as well, but it would also clearly show that there is media blocked and not scripts:
anyway, if you’re truly interested in understanding these things and not just rant about them please do some research on the technology being used.
I admire your patience.