Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It is in the settings for Chrome.

Settings->Advanced->Privacy->Content: Cookies->Keep until quit + exceptions you choose. Javascript->Deny all + exceptions you choose.

When you browse there is a little icon in the address bar to whitelist a site. It is a bit of a pain at first but it makes things a lot safer. When you go incognito it will forget which sites you whitelisted at session end, so you are not enabling a site forever.

I can also recommend the EFF Privacy Badger and the Cross Domain Request Filter extensions. CDRF needs to be updated to work in whitelist mode instead of blacklist mode, but it is still pretty cool. I also like Poper Blocker, but their telemetry mode is wrong.

I'd really like an in-browser firewall which also blocked extensions by default. Something with an inspectable rule set.

See also: Whitelist Manager, comes with source code.

https://chrome.google.com/webstore/detail/cross-domain-reque...

https://chrome.google.com/webstore/detail/privacy-badger/pke...

https://chrome.google.com/webstore/detail/poper-blocker/bkkb...

https://chrome.google.com/webstore/detail/whitelist-manager/... https://github.com/unindented/whitelist-manager



For people as conciuous as this, I highly recommend uMatrix. It is a switchboard that easily lets you control anything (from initial request to frames) per domain.


uMatrix is fantastic, though it has a relatively steep initial learning curve.


Quickly enable/disable Chrome's javascript settings:

https://github.com/maximelebreton/quick-javascript-switcher

https://chrome.google.com/webstore/detail/quick-javascript-s...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: