Rated 5 out of 5 stars

Hi there!,

I've played around with addons like noscript and adblock plus.

I thought that I would give Request Policy a try.

It seems to be okay, would be better if:

1. Blacklist/whitelist (I see that this has already been mentioned in previous comments:))

2. More clarity and simplicity about "from" and "to" requests so that everyone (not just us geeks:)) will be able to use this addon.

Just my two cents:)... Keep up the good work. Continue to keep the addon light and avoid bloats. Cheers!

This review is for a previous version of the add-on (0.5.23.1-signed.1-signed). 

Rated 3 out of 5 stars

There are some sites (e.g forum), in which requests are made from the site to various image site, allowing them 1 by 1 is just a disturbance for normal browsing, and is already too much for normal user.

In that case, a better (although compromised somehow...) alternative would be allowing request from the site, but the rules specified in blacklist (either destination or origin-to-destination) would be followed. Only with that, the user experience can be enhanced.

Also, multi-selection of site request for permission is needed to avoid the repetitive work of clicking site 1 by 1 in menu.

This review is for a previous version of the add-on (0.5.23.1-signed.1-signed).  This user has 2 previous reviews of this add-on.

Thanks for your feedback. Both of these features (ability to select multiple items before reload as well as a default-allow mode with blacklist support) are in development and are planned for launch in summer 2012.

Rated 5 out of 5 stars

For such a paranoid person as me, this is absolutely awesome addon.

It would be nice if a separate button to temporarily allow requests from current page was available (NoScript has this button available)
and if such an option that the context menu would open on hover over the RequestPolicy toolbar button (instead of after clicking the button) was available.

As of now, this is an irreplaceable addon—and well done one—so 5 stars are yours and thank you once again! (I even created the account here only to thank you).

This review is for a previous version of the add-on (0.5.23.1-signed.1-signed). 

Rated 5 out of 5 stars

Great add-on, it provides exactly what I was missing from NoScript.

Needs a few improvements though:
- Allowing multiple sites should be easier, similar to NoScript: the menu should not close after clicking on a domain and the changes should be applied to the menu right away not after reload only. Reload after closing the menu.
- Option to blacklist domains, so I can click 'allow all' but still keep some known ad/stats/tracking sites blocked.
- Using/importing the list of blocked domains from NoScript would be even better so I only have to block them once

This review is for a previous version of the add-on (0.5.23.1-signed.1-signed). 

Thanks for the support and feedback! Regarding your suggestions, #1 (multiple whitelist changes before reload) and #2 (blacklist) are in progress and will launch by summer 2012. These features will probably be in a 1.0 alpha release in spring 2012 which will be available directly from the requestpolicy.com website.

For #3 (NoScript integration/coordination), after RP 1.0 is released I'll look into ways to enable these addons to work better together. It's going to be a long time before I get there given the number of outstanding feature requests and the time required for the major changes that are in progress now.

Rated 5 out of 5 stars

Instead of having to click on every single item individually, could we instead implement the checkbox method in which we check off the items we want to run followed by automatically reloading the page once the list becomes unfocused? It would be a huge timesaver. Disabling the auto-reload kinda helps but it's too buggy to ensure if the item is actually running or being blocked. Please make it easier to allow multiple items to be selected at one time! Keep up the great work!

This review is for a previous version of the add-on (0.5.23.1-signed.1-signed). 

Rated 4 out of 5 stars

Ran the tests and passed no problem for me. I think some optional AI could be included to automatically allow web page elements to make surfing a little less painfull. Otherwise this is a great addon, love it!

This review is for a previous version of the add-on (0.5.22.1-signed.1-signed). 

Rated 1 out of 5 stars

i recently posted a review stating that when you have request policy installed and enabled when you do a browser security test at browserscope.org "the sts test" http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security the test will not complete and does not work but when request policy is installed but disabled the test fails. when request policy is not installed the sts test passes. just stating the obvious that request policy could be a target for a man in the middle attack. on my last post this security flaw was acknowledged by request policy then my post mysteriously disappeared.

This review is for a previous version of the add-on (0.5.22.1-signed.1-signed). 

Hi. My previous reply did not acknowledge a security flaw (there is not one). RequestPolicy's blocking of requests can make some Browserscope tests fail but that doesn't mean there is a security flaw. Rather, some tests may not have been able to run. Please see this ticket for more information: https://github.com/RequestPolicy/requestpolicy/issues/251 --- Thanks!

Rated 5 out of 5 stars

Agree with the other five-star
reviews. Absolutely excellent add-on....

This review is for a previous version of the add-on (0.5.22.1-signed.1-signed). 

Rated 5 out of 5 stars

This add-on is simply amazing. It adds a layer of security while browsing by allowing you to pick which third party scripts you would like to run. It may be tricky to configure at first but once that initial stage has passed there's not much to do.

This add-on allows you to be back in control while browsing and that has got to be a great thing. I applaud the creator of this add-on and thank him for helping to give the web back to the people.

This review is for a previous version of the add-on (0.5.22.1-signed.1-signed). 

Rated 5 out of 5 stars

I find this plugin as important as noscript. Using requestpolicy makes surfing extremely secure as the addon will only pull side resources from the domain you actually view. I've seen many times browsers to get hijacked while posting in forums simply because someone linked an outside resource script as an avatar and the forum s/w allowed it. Having requestpolicy solves such problems. It's one of the top security plugins for FF.

This review is for a previous version of the add-on (0.5.21.1-signed.1-signed). 

Rated 5 out of 5 stars

Wauw... I love this addon, indispensable for anyone wanting an ounce of privacy. anno 2011 virtually EVERY site has Cross Links*, and most of them to google! even the most inconspicuous blogs or friend's homepages.
* had to open about 50 sites before i found one without cross links!

Note: Most pages work fine without cross links. The sites (eg. site.com) that need cross links usually have an site.img.com site.media.com etc. domain to store their images or media. Just choose Allow -domain- from the dropdown menu when you click the red flag... And the site works every consecutive time you load it.

I understand website publishers would like statistics on who's visiting their pages and that google provided this service for free. But my golly! Did no-one think of the consequences of google knowing each and every ip adres browsing habit all over the globe? Even when buying an airticket on klm.com or reading newssites, google knows where you are! with request policy, I'm back in control of what companies harvest which sites i visit.

This review is for a previous version of the add-on (0.5.21.1-signed.1-signed). 

Rated 5 out of 5 stars

A great security enhancement for the advanced user!

BTW, could you please add compatibility for newer SeaMonkey versions? It works perfectly up to 2.4a!

This review is for a previous version of the add-on (0.5.21.1-signed.1-signed). 

Rated 4 out of 5 stars

I don't see how the casual user is supposed to use this in any sensible way. Some sites redirect almost their entire content. A site like ebay might have 50 things blocked. How can anyone decipher which redirects are dangerous and which are not? The temptation is to just let everything through. Technically it works well and does not impact performance. This is more for the serious computer gearhead.

This review is for a previous version of the add-on (0.5.21.1-signed.1-signed). 

Rated 5 out of 5 stars

¡¡Great addon!!. First, you will know how the web is working and sharing information about you; second, it will give you plenty of control about cross referencing. On other hand, I like to see the source code to see what the author is doing.

This review is for a previous version of the add-on (0.5.20.1-signed.1-signed). 

Rated 3 out of 5 stars

Great addon in theory, maybe works too well. I have used NoScript and I do know that this addon and NoScript both block different elements and should be used together. However this addon requires too much customisation . Also it would be useful to have an option to allow requests to/from a particular domain; at the moment both are separate options (unidirectional). One good point of this addon is that is has a small memory footprint compared to other security addons.

If someone could produce a whitelist (much like Easylist for Adblock Plus) - this would cut down on the tedious initial customisation of the addon and I would be more inclined to use it. However, I do recommend this for the more paranoid Firefox user if they can handle tweaking from the outset. I'll stick to my trusted 5 security addons of NoScript, Adblock Plus, Ghostery, BetterPrivacy and CookieCuller for now.

This review is for a previous version of the add-on (0.5.20.1-signed.1-signed). 

Rated 2 out of 5 stars

This works too well and totally destroys your browsing experience through disabling everything. Who wants to spend countless minutes adjusting settings to get the info they need on each and every page? Guessing what to enable and what to disable is tedious. When this gets smarter, I'll try it again.

This review is for a previous version of the add-on (0.5.20.1-signed.1-signed). 

Rated 5 out of 5 stars

It is mega-awesome extension that brings extra security! Unlike with the other browsers, I AM IN CHARGE OF MY BROWSER!

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed).  This user has 2 previous reviews of this add-on.

Rated 5 out of 5 stars

great power but tripped up gui

__NEED__ to be able to approve all [seemingly random] subdomains of a given domain

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed). 

Rated 4 out of 5 stars

This add-on is very interesting as it gives information about existing cross-site request, it should be in the future a good companion to "NoScript" and "Ghostery".

However at this time, the default behavior is to forbid all cross-site Request except the you have allowed manually : it is too much work to allow them one by one for all sites (some sites does not work well if you don't).

I will test it again if in future version the default behavior could be changed to allow everything except the one you forbid manually.

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed). 

Rated 5 out of 5 stars

I've been waiting for FF4 thanks

This review is for a previous version of the add-on (0.5.18.1-signed.1-signed).