Browser Settings

Recommended Browser Settings, Firefox, Internet Explorer, IE, Popups, Safari,

See also: Secure Browsing,Web Use and Development, Web Authoring, Proxy Servers, Where's My Web Stuff?, NRAO Computer Security Policy, Appx. A

There are two good reasons why you may want to alter the default settings of your web browser, whether it be Firefox, Mozilla, Seamonkey, IE, Safari, Opera, or some other one. These are:

  • SECURITY: The web is not always a safe place; protect yourself from malicious (and/or annoying) scripts, popups, cookie theft, and other badness such as "cross site scripting" (XSS); and

  • FUNCTIONALITY: There are valid reasons to allow scripts, cookies, etc. from "trusted" sites, but not from others.

Fortunately, most browsers permit you to address both of these issues at the same time. What follows is a short tutorial on how to set your browser to accomodate them, and keep yourself safe. If you want a more official, longer, and detailed account, please read the Securing Your Browser article from US-CERT.

What Sites Should I Trust?

Good question! To first order, they are:

  • *.nrao.edu
  • *.nrao.cl
  • *.aui.edu

While you can of course add specific sites each time you encounter one that, say, wants to set a cookie or throw up a popup, using wildcards as above (the "*" character above) is a lot easier.

Configuring Your Browser

Firefox

- Allow Cookies

Begin by finding the Preferences dialog for your operating system:

      • Windows: Select the "Options..."  from the "Tools" menu found at the top of the window.
      • Linux: Select "Preferences" from the "Edit" menu at the top of the Firefox window.
      • Mac OSX: Select "Preferences..." from the "Firefox" menu on the OSX menu bar.

From the Preferences dialog, select the "Privacy" menu from the left-hand pane. Click the plus sign next to "Cookies" in the main pane. Check the boxes next to "Allow sites to set cookies." You can also select the lifetime of the the cookie to be either the cookie's built-in expiration date (set by the web sites you visit) or you can tell Firefox to remove the cookies each time you close the browser. (NOTE: this will prevent sites like GMail and others from storing login cookies, etc.)

firefox_config_privacy.png

If you do not wish to enable cookies for all sites, you can enable them only for particular sites by clicking on the "Exceptions" button. Under "Address of web site:", enter a site from which you wish to allow cookies and click the "Allow" button to add that site to the list. To add an entire domain to the list, simply type the name of the domain (i.e., nrao.edu); do not put any wildcards in front of the name.

firefox_config_cookies.png

Managing the Firefox Popup Blocker

To allow a site to bypass Firefox's popup-blocker, select "Web Features" from the Preferences dialog. Next to the item "Block Popup Windows", click the "Allowed Sites" button.

 

firefox_config_popups.png

Under "Address of web site:", enter a site from which you wish to allow unrequested popup windows and click the "Allow" button to add that site to the list. To add an entire domain to the list, simply type the name of the domain (i.e., nrao.edu); do not put any wildcards in front of the name.

Internet Explorer

Blocking Popups

To enable popup blocking in Internet Explorer, open the "Internet Options" dialog and choose the "Privacy" tab. At the bottom of the dialog box, click the box labeled "Block pop-ups."

ie_config_popups.png

To allow a specific site to open unrequested popup windows, click the button labeled "Settings".... Enter a site from which you wish to permit popup windows and click the "Add" button to add that site to the list.

ie_config_popups2.png

Enabling Display of Mixed Content

Mixed content is when a page viewed over SSL (https://) also includes non-SSL images, banners, etc. To permit the viewing of Mixed Content on Trusted Sites in Internet Explorer, open the "Internet Options" dialog and click the "Security" tab. Select the "Trusted Sites" icon and click the "Custom Level..." button.

ie_config_mixed_content.png

Scroll down the list of options until you see the item "Display mixed content" (about half way down the list). Select "Enable" and click the "OK" button. Click "OK" again to close the Internet Options dialog.

ie_config_mixed_content2.png

 

Safari

From the "Safari" menu on the OSX menu bar, select "Preferences..." and choose the "Security" tab from the top of the dialog box. Next to "Accept Cookies", choose "Only from sites you navigate to."

safari_config_security.png

Blocking Popups

From the "Safari" menu on the OSX menu bar, select "Preferences..." and choose the "Security" tab from the top of the dialog box. Check the box labeled "Block pop-up windows."

safari_config_popups.png

Browser Addons and Extensions

There are many "extras" one can choose to add in to your browser that will extend its functionality. Examples of such extras include:

As none of these are formally supported by the NRAO Computing Divisions, it is your responsibility to check if these addons are interfering with your browser settings, specifically cookie acceptance, popup blocking, etc. That said, it is known that by default the Google toolbar will block the popups normally used by some components of WBS. For Firefox users, the Yes Popups extension provides a way to temporarily disable popup blocking and thus may prove useful to some users.

 

Info Services Contacts
 
Search All NRAO