Excessive Cross-scripting warnings

Post a reply


In an effort to prevent automatic submissions, we require that you complete the following challenge.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review
   

Expand view Topic review: Excessive Cross-scripting warnings

Re: Excessive Cross-scripting warnings

by GreenReaper » Mon Jul 15, 2019 1:01 pm

The 20000ms warnings are a serious annoyance, though. I have a slow netbook from 2011 and I get them frequently when a page is loading up, for otherwise acceptable requests. It seems like they've been popped up simply because they are slow, which to me doesn't deserve an alert (or any response). Is this timeout configurable? Is the warning even coming from NoScript, or elsewhere?

Re: Excessive Cross-scripting warnings

by barbaz » Sun Jul 14, 2019 10:13 pm

bluekai is a tracker, and your second XSS warning is a false positive caused by an ad.

You might consider using something like uBlock Origin to just block this stuff.

Re: Excessive Cross-scripting warnings

by edgracely » Sun Jul 14, 2019 9:35 pm

And many more. I was visiting the Citi card site -- must have had 10 XSS warnings.

Here is the first part of another one:

Code: Select all

NoScript detected a potential Cross-Site Scripting attack

from https://6269322.fls.doubleclick.net to https://adservice.google.com.

Suspicious data:

(URL) https://adservice.google.com/ddm/fls/i/src=6269322;type=newbank;cat=undefined;u1=undefined;u2=Account
Do these actually help tell why I'm getting them?

Ed

Re: Excessive Cross-scripting warnings

by edgracely » Sun Jul 14, 2019 9:26 pm

Code: Select all

NoScript detected a potential Cross-Site Scripting attack

from https://accountonline.citi.com to https://stags.bluekai.com.

Suspicious data:

Error: Exceeded 20000ms timeout,(URL) https://stags.bluekai.com/site/63068?ret=html&phint=language&phint=product&phint=event&phint=category&phint=page&phint=section1&phint=section2&phint=section3&phint=section4&phint=productID&phint=__bk_t=Citi® Credit Cards - Login | Secure Sign-on&phint=__bk_k=&phint=__bk_l=https://accountonline.citi.com/cards/svc/LoginGet.do&limit=10&r=24413764

Re: Excessive Cross-scripting warnings

by barbaz » Sat Jul 13, 2019 3:54 pm

Could you please copy the message from these XSS warning dialogs and post it here?

Excessive Cross-scripting warnings

by edgracely » Sat Jul 13, 2019 3:08 pm

Until a few months ago, the XSS (Cross-scripting attack) warnings were rare and I could easily just accept the block. Now I get them multiple times a day on a wide variety of normal, safe, web sites.

I don't know when i can safely allow the XSS, so i usually block it.

But it is frustrating how often the warnings occur. Is it possible that NoScript has gotten a bit too sensitive to this? I don't want to turn it off, but is there a way for NoScript to help avoid attacks without warning of every trivial feature that might possibly, rarely, be used as an attack?

Are others finding the same thing?

I *could* always allow or always block -- but that makes me nervous. Always allow could be a problem if one time there is a real attack. Always block can be a problem because occasionally XSS is part of site functionality,

Thoughts?

Ed

Top