XSS block/allow pop up

Post a reply

Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[url] is ON
Smilies are ON

Topic review
   

Expand view Topic review: XSS block/allow pop up

Re: XSS block/allow pop up

by kevinoid » Sun Dec 03, 2017 3:38 am

kevinoid wrote:
grizzler wrote:The popup is completely blank on my system, so there isn't even a way to indicate what I want done.
I'm seeing the same behavior on Debian, both with the firefox 57.0.1-1 package and with Firefox 57.0.1, 58.0b8, and 59.0a1 nightly downloaded from mozilla.org today.
I can no longer reproduce the issue with NoScript 10.1.5.3 (10.1.5.2 not tested). It appears to be fixed for me. Thank you!

Re: XSS block/allow pop up

by Mr.XSS » Sat Dec 02, 2017 10:40 am

Much better with the latest 10.1.5.1 now. The dialog now has a "Always block cross-site requests from site X to Y" checkbox - and it seems to do the trick. It's possible to visit sites like imdb.com again, without tons of repeating popups.
Thanks! :)

Re: XSS block/allow pop up

by Just_Golem » Sat Dec 02, 2017 10:30 am

To all Linux users getting the Blank XSS box

Use this workaround to get text field back until this gets solved

Just resize the Blank Window, even by just 1 pixel either way. Text will become visible including Options and Check boxes

https://twitter.com/Just_Golem/status/9 ... 5763637251

Re: XSS block/allow pop up

by aussiebill » Sat Dec 02, 2017 7:47 am

I am getting the same issue too.

But it seems to be saving scripts in the background as they always popup after opening FF after closing it down after getting the Xscript error.

I suppose we are getting these "Teething Issues" ,annoying but at least you know its working.

Re: XSS block/allow pop up

by kevinoid » Sat Dec 02, 2017 5:51 am

Guest wrote:
grizzler wrote:The popup is completely blank on my system, so there isn't even a way to indicate what I want done.
I'm getting the same behaviour, but I've found that resizing the popup box forces a redraw and fixes it, so it is merely annoying now.

I'm using Debian GNU/Linux "Sid" version.
I'm seeing the same behavior on Debian, both with the firefox 57.0.1-1 package and with Firefox 57.0.1, 58.0b8, and 59.0a1 nightly downloaded from mozilla.org today. For me it's completely reproducible: I can create a fresh profile, install NoScript, then search for "!sp test" on DuckDuckGo and I get a blank NoScript XSS Warning window every time. Resizing the window makes the content become visible.

Is anyone seeing this behavior on non-Debian systems? Is this likely a NoScript bug or a Firefox bug? Any suggestions for how to further test/isolate the issue would be appreciated.

Re: XSS block/allow pop up

by MisanthropicScott » Wed Nov 29, 2017 5:11 pm

I'd like this option as well. In fact, one of the very common XSS requests from a great number of sites is for FaceBook. It might even be good to add an option to block all XSS requests to a particular site, like FaceBook, regardless of the source site.

I'd also like to echo the point about the new options for enabling and disabling scripts being far more confusing than the old 3 valued choice of allow, block, or temporarily allow. I finally found the option for temporary. It was far from obvious. But, many of the other choices are very confusing to non-web developers. I was a middleware developer for most of the 23 years of my career, so am at least mildly geeky (even if not in the field of web development) and find these options difficult to understand.

Re: XSS block/allow pop up

by Guest » Thu Nov 23, 2017 4:23 am

grizzler wrote:The popup is completely blank on my system, so there isn't even a way to indicate what I want done.
I'm getting the same behaviour, but I've found that resizing the popup box forces a redraw and fixes it, so it is merely annoying now.

I'm using Debian GNU/Linux "Sid" version.

Also, a hearty me-too for an always block option.

Re: XSS block/allow pop up

by barbaz » Wed Nov 22, 2017 7:32 pm

grizzler wrote:This add-on is now officially junk in my book.
Your frustration is understandable, and NoScript 10 may be unusable for you atm, but let's keep the comments at a reasonable level. NoScript 10 is still in very early stages and needs a lot of work.

If you prefer to use Pale Moon with NoScript Classic for the time being, feel free, NoScript Classic will be supported until June 2018.

Re: XSS block/allow pop up

by grizzler » Wed Nov 22, 2017 7:09 pm

The popup is completely blank on my system, so there isn't even a way to indicate what I want done.

This add-on is now officially junk in my book. I temporarily switch it off in the add-on manager whenever it does something that bothers me, but I'm not going to keep doing that forever...

I'm even moving to Pale Moon from time to time... :(

Re: XSS block/allow pop up

by NoCaker » Wed Nov 22, 2017 2:16 am

Having the same issue, and it's driving me nuts!
Previous NoScript silently blocked them in the background, which is exactly what I want.

Here I get spammed with 10s of pop-ups on certain sites when browsing.

Re: XSS block/allow pop up

by wassz » Tue Nov 21, 2017 11:36 pm

Seconded, or some real way to turn off XSS notifications, the new options page seems to be very minimal and none of the options (even allow scripts globally) seems to stop the XSS prvevntion popups

Re: XSS block/allow pop up

by Please Keep Private » Tue Nov 21, 2017 9:29 pm

Thanks for all the the good work on NoScript 10 for firefox quantum.

Would it be too much to request a "always block" option in addition to "always allow" so it stops asking over and over?

Thanks.

XSS block/allow pop up

by ventuz » Tue Nov 21, 2017 8:58 pm

With the new Firefox 57 update, I'm getting TON of annoying XSS block/allow pop up. Can't I turn off the pop up?

The FAQ said there is way to turn off, but I don't see the option. All I see in option is:

1. [unchecked] Scripts Globally Allowed (dangerous)
2. [checked]Sanitize cross-site suspicious requests -- both check and uncheck doesn't do anything to popup
3. [unchecked] debug

Image

Top