Allowing RFC1918 – 192.168, 10. , 172.16-32 address with NoScript

I’ve recently started installed the firefox add-on NoScript to improve my online security.

One of the things that’s been a little frustrating has been having to manually accept/white list internal 192.168.1.1 type addresses. After a fruitless google, I’ve managed to find the answer here in the NoScript Forum.

There is one major limitation and that is the NoScript white list only accepts entries of more than one byte, this means that you cannot whitelist the whole of 10.*.*.* (10/8) as inputting 10. is only one byte. On the upside you can however whitelist a whole /16 (255.255.0.0) subnet, which works out nicely for the 192.168.0.0/16 set off addresses but for the 10’s & 172’s you’re a bit stuffed.

Now you may find that when you try to white list 10.123.0.0/16 that you have issues, I know I did! The trick is to read the forum post carefully. If you want to white list 10.123.0.0 through 10.123.255.255 then add the following:

http://10.123

https://10.123

That should allow both http & ssl traffic to all those internal addresses to be permitted by NoScript!

Dear googler, I hope this was of some help

This entry was posted on Friday, 6th March, 2009 at 11:00 am and is filed under Firefox, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.