Add-ons
Reviews for RequestPolicy
211 reviews for this add-on
Rated 4 out of 5 stars
I really like this addon. It does take some time to get permissions set up, but it's worth the effort.
Unfortunately I had to disable it because of an incompatibility with the Update Scanner addon that I rely on. However, the developer has it on his bug list, so once he gets that resolved I plan to turn it back on.
There has been a recent improvement in the conflict between Update Scanner and RequestPolicy. As of RequestPolicy version 0.5.17, when you click a link from an Update Scanner webpage version/diff the link click is allowed instead of being blocked.
The major remaining conflict with Update Scanner, the blocking of cross-site requests for additional content requested by a webpage version/diff, can be worked around by allowing all requests from the origin "about:blank". This does mean that sites can intentionally bypass RequestPolicy, however you'll get the privacy/security benefits of RequestPolicy in most cases. I still hope to figure out a better solution.
Rated 1 out of 5 stars
Whitelisting is a completely impractical way to solve this problem. Almost every site you go to will host it's images or javascript on a different domain name (e.g. cdn4.whatever.example.com, images.cdn89.whatever.example.com) and those will fail to load. All I wanted to do was *blacklist* facebook and those fixed position bars at the bottom, but apparently adblock (without the default easylist) is the best way to do this.
This review is for a previous version of the add-on (0.5.18.1-signed.1-signed).Rated 5 out of 5 stars
this tool makes you feel you are finally controlling yourself. It's amazing how many websites are collecting your data without you knowing it.
Be ware, you may think it's inconvenient at first. But with no time, you will get used to it. Just manage your whitelist well
Rated 5 out of 5 stars
this is a brilliant plug-in given its intended scope. provides the fine degree of control needed to block the various nosy parkers on the net.
This review is for a previous version of the add-on (0.5.16).Rated 3 out of 5 stars
I give it only 3 stars, because this addon quite aggressively works into only one direction and blocks ANY off-site requests.
An approach to provide a blacklist with suspicious ad-servers, click-tracking etc is not available.
Instead, each site has to be dealt with separately. And this can be very time-consuming (although better for "paranoid security": For example Google Maps - 2 additional permissions required...
The provided white-lists upon 1st time installation are very limited.
It is also annoying, that there are no place-holders for any content blocked. So for example Paypal-donate and pay-buttons and lots of more stuff will just disappear by default. Still I do not know if technically it is actually possible to show place-holders for everything...
Another thing that disturbs me is the handling of redirects. Why this feature cannot be turned off in the GUI? It is just a bit frustrating...
Finally - before making any "checkout" on an online shopping site and paying by CC / home banking, this add-on should be disabled, as what the script does, can cause big problems here. In my case probably a session-cookie expired after re-initiating a redirect originally blocked by the addon... My card was charged, but merchant did not get the required info. I had to solve this issue manually by e-mail... Quite annoying.
Still interesting to see which content is requested by the different sites.
Rated 5 out of 5 stars
I think RequestPolicy is a "must have" add-on for anyone who is at all security-conscious.
Without RequestPolicy, it's amazing how a simple-looking website can actually be connecting you to a whole bunch of other sites too, sometimes undesirable sites that you have *no* idea about and not the type of site that you'd actually knowingly click on.
But with the RequestPolicy add-on installed, you get advance warning and you can decline to allow those sites on a case-by-case basis. Or, you can opt to allow whichever sites are necessary to make the main site work right.
You can choose to make those settings permanent, so that the next time you visit that site, the site will in all likelihood "just work" without having to go through the whole process again.
Or, if for some reason you don't want to keep permanent records (anywhere) of the sites you visit, you can opt to make the RequestPolicy settings temporary and then when you're done visiting that site, you can "revoke" the settings for that particular site.
RequestPolicy has an easy-to-use "Export" button which lets you save a backup copy of your RequestPolicy settings to a file at a location of your choosing. You can name this file whatever you want - I put a date on mine for easier future reference. Then, at some future time, you can click the RequestPolicy "Import" button and select whichever of your backup files you want, to restore Request Policy's settings to that previous state. I used the "Import" button recently after I installed a new version of Linux and new version of Firefox, and it worked really great - instead of having to go through the trial-and-error process of the various websites I visit, I just clicked "Import" and voila, there were all my settings, restored and ready to use. :)
True, you need a bit of patience sometimes when first visiting some new sites, especially the way some websites nowadays try to connect you to so many other things. Sometimes those things are necessary to make the site work, and sometimes they're not. It can take a bit of trial-of-error to figure out exactly which additional sites you need to allow to make some poorly-designed irritating website work correctly. That said, the worst that can happen is that you'll have to make a few extra clicks and take a few seconds to decide *which* sites to allow (that's where the trial-and-error part comes in) - but it's not *that* much hassle, really. Well worth it, considering that it allows you to (in my opinion) keep your computer safer by having the option to not connect to sites that you didn't actually click on, unless you specifically allow them.
RequestPolicy probably isn't something that the stereotypical techno-phobic senile grandma could handle, but for the rest of us, I highly recommend it.
____
- Firefox 3.6.x on Linux.
- RequestPolicy plays nicely with the other add-ons I use:
- The add-ons I have installed are, in alphabetical order: NoScript, RequestPolicy, Small Screen Renderer, User Agent Switcher, and WebDeveloper.
Rated 5 out of 5 stars
A great security tool. Sometimes a nuisance to keep adding new sites to the approved list, but it has prevented me from going to unintended bad sites several times, and blocks ads. I wouldn't surf without it. It's good to know what material is being pulled into a page before it's too late. Especially Javascript where unknown danger may lurk.
I would like to see it enhanced to allow CSS sheets to be accessed without prior approval, possibly images too.
Rated 5 out of 5 stars
I think Request Policy needs 2 features:
- Allow all image load
- A hotkey to On/Off request policy quickly.
Thank so much!
Rated 4 out of 5 stars
Satisfied
This is needed.
Instead of exporting to file (all the domains learned) it would be helpful to add to bookmarks. Similar to NoScript.
Rated 5 out of 5 stars
Since i have this addon i won't life without pls continue this good work
This review is for a previous version of the add-on (0.5.15).Rated 5 out of 5 stars
indispensable - essential
merci
Rated 5 out of 5 stars
Thanks a lot! This exactly what I want.
The only wish is to support wildcards in domain names.
Rated 5 out of 5 stars
Great Add-on! It is so much more user friendly than NoScript. It trains you to be aware of what cross site requests are being made from each web site. It is possible to turn off 'Indicate Blocked Images' to make it even less intrusive. Keep up the good work.
This review is for a previous version of the add-on (0.5.15).Rated 5 out of 5 stars
Отлично!
This review is for a previous version of the add-on (0.5.15).Rated 5 out of 5 stars
Forgive me if this double posts as my connection tonight is really cranky. I put this one in my "Apollo! Pack" collection and after playing with it for a while I consider it a MUST have! The only slight issue I have found is things like this combined with other security add-ons like NoScript Cookie Whitelist, Ghostery... will trip up rookies who are used to surfing in ignorant bliss. Some of them will panic when pages don't load or appear to function fully. I am working on putting up a help page or two to explain just what the heck some of these things are and why a newbie WANTS to be bothered with toggling these things.
I read and agree with the past reviews of this one and I also agree that when you get rid of all the junk scripts, requests, ads... it speeds up pages since they aren't having to connect to and load all the junk! The bottom line is this one is a true 5 star rating!
Rated 2 out of 5 stars
ANNOYING With the way it Stops ALL Redirects.
Gets 1 bonus star For the Idea.
Rated 5 out of 5 stars
I really enjoy this app much more so then noscript.
Thank you!
Rated 4 out of 5 stars
I agree with atomic dryad about allowing cross-site images. Otherwise, it's all good.
And please, don't mention the anal addon called NoScript.
Rated 3 out of 5 stars
Needs wildcard whitelisting or option to allow images (for gods sake!). Adblock's image blocking is perfect...requestpolicy just makes a pest of itself by nuking all cross-site images in addition to the unwanted cross-site SCRIPTS that it's so well suited to handle.
This review is for a previous version of the add-on (0.5.14).Rated 4 out of 5 stars
I would prefer NoScript's way of working, untrusted/blacklisted. When temporarily allowing request from a site would just allow the rest and not the blacklisted/untrusted site[s]. Besides that I really like RequestPolicy. RequestPolicy and NoScript are a must.
Thank You for this add-on.
To create your own collections, you must have a Mozilla Add-ons account.
