this post was submitted on 23 Jun 2025
0 points (50.0% liked)

JavaScript

2425 readers
1 users here now

founded 2 years ago
MODERATORS
erlingur@programming.dev
Ategon@programming.dev
nick@programming.dev
0
Is there a way to block browser JavaScript from executing commands that retrieve sensitive information from my local machine, while still allowing JavaScript that is only used for rendering web pages? (lemmy.world)
submitted 1 week ago by happeningtofry99158@lemmy.world to c/javascript@programming.dev
6 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.world/post/31859998

Please see the cross-post as it is updated.

As a security-conscious user, I've used NoScript since Firefox's early days, but its restrictive nature has become frustrating. I'm often forced to go unprotected just to access websites with multiple scripts running on different domains, which defeats the purpose of using NoScript and balances security and usability that it once provided.

Is there a way to block browser JavaScript from executing commands that retrieve sensitive information from my local machine, while still allowing JavaScript that is only used for rendering web pages?

greatly appreciate any insight

cross-posted from: https://lemmy.world/post/31859998

Please see the cross-post as it is updated.

top 6 comments
sorted by: hot top controversial new old
[–] sun_is_ra@sh.itjust.works 1 points 1 week ago (1 children)

Could you be more specific? What senstive information?

[–] happeningtofry99158@lemmy.world 1 points 1 week ago (1 children)

by sensitive information I'm referring to

  • local machine time
  • local machine ram
  • local machine operating system + version
  • local machine hardware
  • Serial Number
  • Hardware ID
  • UUID
  • Windows Device ID
  • Windows Product ID
  • ...

Can I prevent javascript from running specific command that retrieve these information?

[–] sun_is_ra@sh.itjust.works 2 points 1 week ago (1 children)
  • local machine hardware
  • Serial Number
  • Hardware ID
  • UUID
  • Windows Device ID
  • Windows Product ID
  • local machine ram

Can not be accessed through Javascript anyway

  • local machine operating system + version

Accessible through so called "User Agent", you could install User Agent changer addon to make your machine like its running different operating system/ web browser

  • local machine time

when resist fingerprinting is enabled, local time is not shown, instead it always think your time is UTC

[–] happeningtofry99158@lemmy.world 1 points 1 week ago

Much appreciated

[–] Kissaki@programming.dev 1 points 1 week ago

Browsers typically ask you to grant permission before sharing sensitive information.

[–] Boomkop3@reddthat.com 1 points 1 week ago

Windows sandbox? Or sandboxie I suppose