I’m getting what appears to be inconsistent results when running scripts. I have Block scripts turned on and when I go to many web site I get a message that JavaScript needs to be turned on (as expected). I clicked on a link to a Microsoft support article, and I couldn’t see the page, so clicked the Shields Up and allowed scripts for support.microsoft.com. There are three other related sites which seem to be blocked (www.microsoft.com, mem.gfx.ms, web.vortex.data.microsoft.com). I’m seeing 21 Blocked scripts. This is the results I expect.
Next, I went into the JavaScript settings and set support.microsoft.com to Allow. Now when I go to the same article, Shields are showing 0 Scripts blocked. It appears the other three sites are now allowed to run scripts, even though they’re not in the JavaScript allow list. I don’t want a site to run scripts unless I explicitly allow it.
Is there are setting to change this behavior, so an explicit allow isn’t inherited by other sites that are called? I’m kind of assuming this is default Chromium behavior, but I’d consider it a security vulnerability.
I’m a new Brave user. I’ve been using FireFox since 1.0, and I’ve been using NoScript, Adblock Plus and HTTPS Everywhere for years. I like the idea of having all this builtin to the browser, but I’m not yet convinced Brave is better than my regular configuration.