get it!

The 2006 100 Best Products's Best Security/Privacy Add-on 2010-2011
Flattr NoScript

Stable AMO Version, see changelog for details.

Supported browsers: Firefox (Desktop and Mobile on Android), SeaMonkey, Tor Browser (where it is built-in).
Other browsers based on Gecko versions >= 45 might work, but are not tested.

Direct download

You can get latest stable version here, too, using this direct download link for NoScript
To install, just drag and drop it onto your address bar.

x Improved tooltip clarity
x Added version number to the browser action tooltip (thanks 
  therube for RFE)
x More restrictive domain matching in the main UI for "fake"
  TLDs, showing pseudo 2nd level domains containing one dot
x Domain matching now treats unknown no-dot domains (not in
  the public suffixes list) as TLDs everywhere (fix finally
  not overwritten by auto-generated tld.js)
x Fixed rc4 regression causing synchronized changes not to be
x Smarter XSS popup behavior when reporting concurrent events
  from/to the same origins
x Fixed full breakage when sync storage is disabled
x Improved layout on small screens (less than 10cm wide)
x Moved preset customization into its own (more discoverable)
  global Options section, rather than embedded in assignment
x Improved validation of manual entries
x Needed capabilities highlighted also on short-hand domain
  matched entries inside the CUSTOM preset
x Domain matching now works also for manually entered TLDs
  and pseudo-TLDs, such as "" or ""

If you find any problem installing it, this FAQ may help.

You can still download NoScript "Classic" ( for Firefox 52 ESR here: it will be updated until June 2018, when ESR and the Tor Browser based on it will switch to 59.

x [XSS] Fixed regression (thanks Masato Kinugava for report)

Users of Firefox 44 and below are urged to upgrade their very unsafe browser. For those few who can't,

Development version

If you're brave enough and you need a specific feature or fix not released yet, or you simply want to provide feedback before official release, you may want try this
"Quantum" NoScript development build (here the "Classic" NoScript development build).

Recent development history:

x Fixed duplicate entries in UI on page reloads (thanks 8-bit
  for reporting)
+ Spinner for long sites lists in Options page

- Removed obsolete work-around for accidental TRUSTED preset

x [UI] Fixed clicking on capability's label doesn't toggle
  the related checkbox (thanks dhouwn and olf for reporting)
x [XSS] Fixed false positives on badly encoded URLs (thanks
  sage11 for reporting)

x Fixed DNT support initialization regression (thanks barbaz
  for reporting)
x [XSS] Fixed false positives on badly encoded URLs (thanks
  sage11 for reporting)
x Script Surrogates don't affect privileged URLs anymore,
  unless the noscript.surrogate.matchPrivileged about:config
  preference is set to true (thanks barbaz for RFE)
x [e10s] Fixed temporary permissions inter-process sync issue
  (thanks to the TorBrowser team for solution)


If you find something wrong about NoScript, read the FAQ page and/or let me know: I'll try to fix it as soon as I can.

You can also discuss about NoScript on this Forum.

Have your safest browsing experience!

Download in a Flash... with FlashGot!