As a long-time fan of NoScript, I understand his frustration. Fortunately, there’s now uMatrix.
The hosts of FaiF, Bradley and Karen, both work for the Software Freedom Conservancy providing excellent service for the Free Software community.
Again, the cookie is blocked and the graphic allowed.
I can easily use the uMatrix drop down menu to allow the Creative Commons cookie if I need to. Note it jumps from 1 to 4 cookies after reload.
That permission for 'creativecommons.org' cookies only applies to cookies requested by loading 'sfconservancy.org' pages. Any other site, including the Creative Commons' own site, would still not be allowed to set Creative Commons cookies.
For instance, when visiting 'https://en.wikipedia.org/[https://en.wikipedia.org/]', the default behavior set rules for 'wikipedia.org' (dark blue in the upper left) and allows all objects from both 'wikipedia.org' and 'en.wikipedia.org'.
uMatrix understands at least some localized naming, e.g. when visiting 'https://www.bbc.co.uk/[https://www.bbc.co.uk/]' uMatrix smartly defaults to rules for 'bbc.co.uk' (dark blue in the upper left) rather than for 'co.uk'.
My recommendation is to stick with the default rules to begin with.
Once familiar with uMatrix consider removing the
* 1st-party * allow and
* 1st-party frame allow rules for additional security and privacy.
Some sites are a pain. The Daily Show’s site requires all kinds of junk to see the videos. Humble Bundle requires Stripe assets to purchase a bundle and suddenly requires Google assets so you can prove you’re not a robot. The books are DRM free, but the site has issues.
I actually use many Firefox profiles with different instances. For example, I have a Firefox instance dedicated to Mastodon and one for my bank and another for job searches. The Daily Show and Humble Bundle also have dedicated Firefox profiles. I’ll leave documenting that setup to a different post. I did post my rather simple scripts for managing Firefox profiles to GitLab.
Raymond Hill, creator of uMatrix, also created the very popular uBlock Origin add on. In reviewing his work for this post I see he also created uBO Scope for measuring 3rd party exposure on web sites. I need to experiment with that before my SCaLE 17x talk, Device and Personal Privacy Technology Roundup, in March.
In this post I mention the three tools from Raymond Hill and also Software Freedom Conservancy. I don’t see an option to donate to Raymond Hill, but Software Freedom Conservancy certainly accepts donations to support their important work. I use Mozilla’s Firefox as my browser with uMatrix for this article. Mozilla will also gladly accept donations.
A note about NoScript
I happily used NoScript for many years. Thanks to Giorgio Maone for creating and maintaining a tool that I depended on. It was and is still a great tool. When Firefox released Quantum NoScript did not have a web extension version available.
For both tools, look at their configuration options for extra features.
Thanks again to the developers of both tools for improving my web browsing experience.
Further information on XHR.
From the w3schools web site:
The XMLHttpRequest object is a developers dream, because you can: Update a web page without reloading the page Request data from a server - after the page has loaded Receive data from a server - after the page has loaded Send data to a server - in the background