NoScript/ABE help?

I am trying to get our NAS to use a built-in app to sync with Google Drive. I get to an page tht says “Synology Cloud Service would like to: Have offline access.” When I click ‘accept’, I get a NoScript alert ending in “filtered by ABE: <LOCAL> Deny.”

I can’t make sense out of any of the solutions I’ve found. I’ve found the scripting rules, but they seem to be written for developers or someone with an advanced idea of what’s going on. Can anyone help me get this set up?



Why don’t you turn ABE off?

The only default rule is

# Prevent Internet sites from requesting LAN resources.
Accept from LOCAL

which prevents sites from accessing the local network, which is what “Synology Cloud Service” wants to do. I suppose you could write an exception for whatever specific script(s) want local access if you don’t want to turn ABE off entirely.

Isn’t preventing sites from accessing the local network ABE’s reason for being in the first place? Since we keep our business on the LAN and have to visit sites that may be compromised (e.g. advocacy or stakeholder sites in developing countries), and because we don’t have a real IT person on staff, we’re under the impression it adds a modicum of safety.

Yes, that’s one of its purposes, though it can do more. For me though, I’ve had it turned on for years and only ever gotten one alert (and a false positive at that). I’m not a network security expert, just another non-IT guy, but it seems to me you should be fine just by turning it off.

However, that’s not the proper way to do it. The correct way would be to add an exception to the rule allowing just the objects that need local access through. One way to do that would be to sift through Firebug/Chrome’s “inspect element” and find all the sites that might be sending objects. Then whitelist them in the ABE according to the examples here.

Maybe give this a shot? I wrote it “in the blind” so to speak so I don’t know if it works.