<div dir="ltr">No, I'm not going to do that. I absolutely hate even _considering_ changing<div>how I want to do something for an extension that doesn't know the difference</div><div>between an IP address and a script.</div><div><br></div><div>There are no "Scripts" on the remote IP addresses.</div><div><br></div><div>Putting everything into DNS would be a problem. They are ephemeral</div><div>IPs (not all, but some), literally the cloud may bring some up for an hour</div><div>and then take them down, then bring them up with another IP.</div><div>And keeping DNS uptodate even with low TTL is a problem plus I have</div><div>fast learned that many people do not have reliable ISP DNS servers.</div><div>Some are missing info, some are very slow, some are flaky. The</div><div>test is not testing DNS reliability. There are other tests that do that</div><div>pretty well.</div><div><br></div><div>So .. No. lol.</div><div><br></div><div>I have however made the error crystal clear, it now instructs the user</div><div>to set the noscript option to "Cascade" permissions from the page</div><div>to "3rd party scripts" (lol).</div><div><br></div><div>To give an example of the kind of ridiculous stuff these extensions do:</div><div>a user wanted to know why something was broken on the site because</div><div>they "did not trust <a href="http://cloudflare.com">cloudflare.com</a>" (which hosts jQuery for everyone).</div><div>Now if I change the location of that resource to "<a href="http://cdn.dslreports.com">cdn.dslreports.com</a>",</div><div>it would be approved by noscript because the user trusts us.</div><div>However <a href="http://cdn.dslreports.com">cdn.dslreports.com</a> is run by.. Amazon CDN. Exactly and</div><div>perfectly the same, from a privacy/security viewpoint.</div><div><br></div><div>Another example, the people spending days tinkering with their noscript</div><div>or other security setup will one-click accept flash (if they wanted to run</div><div>a speed test). Or more probably, just whitelist flash, because youtube</div><div>was all flash and they want their videos. Right, that's real secure. flash</div><div>is a black box to noscript.</div><div><br></div><div>Alright I'm going to go away and bang my forehead against the wall now</div><div>it is more productive than thinking about NOSCRIPT !</div><div><br></div><div>/rant</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Apr 26, 2015 at 4:26 PM, Jan Ceuleers <span dir="ltr"><<a href="mailto:jan.ceuleers@gmail.com" target="_blank">jan.ceuleers@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 26/04/15 06:17, jb wrote:<br>
> The warning is correct in that it is probably NOSCRIPT. I think.<br>
> All the speed test knows is that an API call to all servers was brutally<br>
> failed<br>
> in an unexpected way. There is no visibility into what caused the<br>
> failure, only<br>
> that it should not occur in a clean browser. If you open the console<br>
> you can probably see more than the javascript gets told.<br>
<br>
</span>Hi Justin,<br>
<br>
I think the problem is that you may be referring to the test servers by<br>
IP address rather than by DNS names. Here is why I think that:<br>
<br>
I picked Noscript's "disable everywhere" option, then successfully ran<br>
the test. I was then able to see in Noscript which sites were running<br>
scripts and saw a number of IP addresses among them. I then added these<br>
IP addresses to the whitelist, re-enabled Noscript and verified that I<br>
was able to still run the test.<br>
<br>
If you are able to put all of these servers in a DNS domain under your<br>
control then a single whitelist entry in Noscript would make them all<br>
work, and not just the ones that are being picked at my location.<br>
<br>
By the way: I then re-enabled Adblock and was still able to run the<br>
test. So I recommend blaming Noscript in the error message rather than<br>
Adblock (and then perhaps also mentioning the whitelist rule that fixes it).<br>
<br>
Thanks, Jan<br>
<br>
</blockquote></div><br></div>