"NoScript" Add-On for Firefox - Settings Needed in Sandboxie?

Questions from a relatively ignorant Sandboxie user re. NoScript 11.0.13 in Firefox 73.0 in Sandboxie 5.33.1 under Windows 10 (1909):

Can anybody fill me in on the settings needed for Giorgio Maone’s invaluable Firefox add-on, "NoScript," to run properly in a sandbox?

I think NoScript keeps a database of Web pages and the page-specific script permissions allowed for each, but I don't know where.  This database needs to be saved/updated between Firefox sessions.

Any other files to which I need to allow access for NoScript? -- jclarkw

Parents Reply
  • Thanks for this is a very helpful general tip:

    >>OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\storage\default\moz-extension+++UUID*<<

     

    Follow-Up Question:  Is there a simple way to add specifications like this through the Sandboxie GUI (e.g., Sandbox/Default Box/Sandbox Settings/Resource Access/File Access/etc...), or is it best to just edit the settings directly?  If directly, then does it matter where in the settings such a specification should go? -- jclarkw

Children
  • I always edit the file "Sandboxie.ini" directly. The line should be inserted in the section of the sandbox running the required program, e.g. directly below the line containing the sandbox name [SandboxName].

  • APMichael said:

    I always edit the file "Sandboxie.ini" directly. The line should be inserted in the section of the sandbox running the required program, e.g. directly below the line containing the sandbox name [SandboxName].

     

    OK.  FYI I was able to duplicate the following line that you recommended above for NoScript,

    "OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\storage-sync.sqlite*",

    though without the trailing asterisk (which symbol I assume you are using to indicate missing or inserted material, not as a required symbol, correct?), through the following GUI steps:

    Sandbox/Default Box/Sandbox Settings/Resource Access/File Access/Direct Access/firefox.exe/Add/then browse to "%AppData%\Mozilla\Firefox\Profiles\ljldmg0t.default-release\storage-sync.sqlite".

    (Of course I couldn't have done that without your telling me what file to look for!)

    It came out in the Sandboxie Configuration file as follows:

    "OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\ljldmg0t.default-release\storage-sync.sqlite", so I guess I was right about the trailing asterisk here.

     

    Trying to duplicate your more general tip above, 

    "OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\storage\default\moz-extension+++UUID*",

    I was able to find the UUID for AdBlock Ultimate and stick it into a new line in the Configuration File as follows:

    "OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\ljldmg0t.default-release\storage\default\mozextension+++be8ea8d2-9745-42a7-9e34-e8b504a3412b",

    on the assumption that the "+++" is necessary but the trailing asterisk is not.

     

    I'm not sure as yet if either is working.  I also assume that incorrect syntax will not necessarily result in an error message from Sandboxie.  I don't see any other "OpenFilePath=" lines in the existing configuration file, so I don't have any other example to imitate.  Did I follow your format correctly? -- jclarkw

  • I recommend to use the trailing asterisk, because an open SQLite database creates temporary files (.sqlite-shm/.sqlite-wal), these are covered by the asterisk. The asterisk is a wildcard for Sandboxie. This also means, for example, that the Firefox profile (ljldmg0t.default-release) does not need to be specified. And the "moz-extension+++" folders often have even more characters after the UUID, hence the trailing asterisk as well.

    It might work without the trailing asterisks, because I think I have read once that Sandboxie adds them by itself during execution.

    By the way, mozextension is written with a hyphen: moz-extension

  • APMichael said:

    I recommend to use the trailing asterisk, because an open SQLite database creates temporary files (.sqlite-shm/.sqlite-wal), these are covered by the asterisk. The asterisk is a wildcard for Sandboxie. This also means, for example, that the Firefox profile (ljldmg0t.default-release) does not need to be specified. And the "moz-extension+++" folders often have even more characters after the UUID, hence the trailing asterisk as well.

    It might work without the trailing asterisks, because I think I have read once that Sandboxie adds them by itself during execution.

    By the way, mozextension is written with a hyphen: moz-extension

     

    Great!  Thanks for the corrections.  Is the syntax of the Sandboxie Configuration File written up somewhere? -- jclarkw

  • jclarkw said:
    Is the syntax of the Sandboxie Configuration File written up somewhere?

    You can find the information here: https://www.sandboxie.com/SandboxieIni