hackademix
Hard to find out why NoScript blocks certain scripts
Lately I've seen scripts blocked by NoScript, even though the domains involved are whitelisted. The 2 cases that I've seen are internal resources.
Here is one case:
becks.aev.etat.lu loads scripts from apiv3.geoportail.lu. Both "...etat.lu" and "geoportail.lu" are whitelisted. However, according to the Network tab of the Web Developer Tools, https://apiv3.geoportail.lu/apiv3loader.js is listed as "Blocked By NoScript" without any further details, and the map which is supposed to be shown is not shown.
On further investigation, it turned out that apiv3.geoportail.lu has multiple IP address: from outside the Luxembourgish State's network, it's at 185.106.24.84, but from inside it's 10.185.4.133. Sure enough, setting becks.aev.etat.lu to "Custom" with LAN allowed, rather than simply "Trusted" fixed the issue. However, it would be preferable if this reason was shown more clearly in the Network tab in the Web Developer Tools ("LAN access blocked by NoScript" or something similar)
