Pushing this issue up again since I ran into it today and found it hard to pin down. The error that eventually would appear in the window is:
"NoScript filtered a potential cross-site scripting (XSS) attempt from [chrome:]. Technical details have been logged to the Console.
This error occurred on two different boxes running FF 53.02 (32-bit) (one Windows 10, the other Windows 7).
fandeath's solution above resolved the problem for me. Thank You!
In order to whitelist the Mozilla "discovery" addons site for Cross-Site Scripting, I added the following regular expression on a new line to the No Script Options -> Advanced -> Anti-XSS Protection Exceptions list:
Code: Select all
^https://discovery\.addons\.mozilla\.org.*$
Mmmm...looking at this now, I suppose this would leave open the possibility of someone somehow using that as a subdomain to some malicious domain in order to bypass the XSS protection (i.e., discovery.addons.mozilla.org.baddomain.bad. I wonder if someone can tweak this regex and then this can be added as a default exception?
Pushing this issue up again since I ran into it today and found it hard to pin down. The error that eventually would appear in the window is:
"NoScript filtered a potential cross-site scripting (XSS) attempt from [chrome:]. Technical details have been logged to the Console.
This error occurred on two different boxes running FF 53.02 (32-bit) (one Windows 10, the other Windows 7).
fandeath's solution above resolved the problem for me. Thank You!
In order to whitelist the Mozilla "discovery" addons site for Cross-Site Scripting, I added the following regular expression on a new line to the No Script Options -> Advanced -> Anti-XSS Protection Exceptions list:
[code]^https://discovery\.addons\.mozilla\.org.*$[/code]
Mmmm...looking at this now, I suppose this would leave open the possibility of someone somehow using that as a subdomain to some malicious domain in order to bypass the XSS protection (i.e., discovery.addons.mozilla.org.baddomain.bad. I wonder if someone can tweak this regex and then this can be added as a default exception?