Search found 35 matches
- Fri Apr 15, 2016 8:48 am
- Forum: NoScript Support
- Topic: XSS & Marketwatch site
- Replies: 17
- Views: 13290
Re: XSS & Marketwatch site
Another example: https://www.vulnerabilitycenter.com/#!vul=55665 EDIT: Another problem has the same regression-range: The Web-GUI of SabNZBd 0.7.20 is in a permanent state of showing the loading-icon in the tabbar with 2.9.0.8rc1. The GUI itself is refreshing every 4 seconds, but the loading animati...
- Sun Apr 10, 2016 8:43 pm
- Forum: NoScript Support
- Topic: XSS & Marketwatch site
- Replies: 17
- Views: 13290
Re: XSS & Marketwatch site
As suspected, the XSS-errors and misbehaviors (repeated XSS-unsafe-reload-notification, no entry in the NS-menu) for both the bluekai- and beamdog-issue are the result of a regression. Last good: 2.9.0.6rc1 First bad: 2.9.0.8rc1 The versions in between either can't be installed in 24ESR or refuse to...
- Fri Apr 08, 2016 11:20 am
- Forum: NoScript Support
- Topic: XSS & Marketwatch site
- Replies: 17
- Views: 13290
Re: XSS & Marketwatch site
Well, Firefox 24 ESR is quite old NSS is marked as supporting Firefox 13 and newer, so I don't understand this remark. , and although several moderators (including myself) like Pale Moon, Giorgio is targeting Firefox. Does the page still work despite the errors? See my postings above. Rather than s...
- Mon Apr 04, 2016 8:04 am
- Forum: NoScript Support
- Topic: XSS & Marketwatch site
- Replies: 17
- Views: 13290
Re: XSS & Marketwatch site
I recommend that you completely block bluekai. Have you read the thread linked by barbaz? The fact that you don't see the XSS warnings with it blocked is a good thing. Maybe, but when it's allowed and the page is reloaded using "Unsafe Reload" after the first time the XSS-warning pops up,...
- Sat Apr 02, 2016 6:41 am
- Forum: NoScript Support
- Topic: XSS & Marketwatch site
- Replies: 17
- Views: 13290
Re: XSS & Marketwatch site
file:///D:/Users/Me%232/AppData/Roaming/Moonchild%20Productions/Pale%20Moon/Profiles/mggdaknq.default/extensions/%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D.xpi!/components/noscriptService.js:1354 You are using Pale Moon (and disguising your user agent). Looks like NoScript has some difficulty with ...
- Wed Mar 30, 2016 1:42 pm
- Forum: NoScript Support
- Topic: Steam-stats - cross-site JS blocked
- Replies: 5
- Views: 2781
Re: Steam-stats - cross-site JS blocked
Yes, thanks.
Should I file a ticket over at BMO for not blocking the wrong-typed json with e10s enabled?
Should I file a ticket over at BMO for not blocking the wrong-typed json with e10s enabled?
- Wed Mar 30, 2016 11:38 am
- Forum: NoScript Support
- Topic: Steam-stats - cross-site JS blocked
- Replies: 5
- Views: 2781
Re: Steam-stats - cross-site JS blocked
Is newer Fx versions showing this message too? No. Which made me wonder why NS would block it in older Fx-versions, but not in newer ones. Reason: e10s. e10s on - No warning, JSONs loaded. e10s off - Warning, JSONs blocked. Should have also tested with the latest release-version, which has e10s dis...
- Tue Mar 29, 2016 5:34 pm
- Forum: NoScript Support
- Topic: Steam-stats - cross-site JS blocked
- Replies: 5
- Views: 2781
Steam-stats - cross-site JS blocked
Firefox 24 NS 2.9.0.10 (default settings) http://store.steampowered.com/stats/content/ steampowered.com and steamstatic.com are allowed. Opening the link (with Flash disabled) causes the the message: [NoScript] Blocking cross-site Javascript served from http://cdn.akamai.steamstatic.com/steam/public...
- Tue Mar 29, 2016 5:26 pm
- Forum: NoScript Support
- Topic: XSS & Marketwatch site
- Replies: 17
- Views: 13290
Re: XSS & Marketwatch site
I get the first error in the opening posting [NoScript XSS] xss.reason.TypeError: IOUtil.newChannelFromURI is not a function --- ChannelReplacement.prototype._init@chrome://noscript/content/ChannelReplacementLegacy.js:114 ... by visiting http://thefamiliar.beamdog.com/5.0/#!/articles/105651 with bea...
- Mon May 25, 2015 12:34 pm
- Forum: NoScript Development
- Topic: [Invalid] Error with window.open and 24ESR
- Replies: 2
- Views: 1445
Re: Error with window.open and 24ESR
I thought I had tested it good enough to rule out a false report, but I guess I was wrong. It's actually a bug in Firefox (introduced pre-24ESR and solved post-24ESR) and has nothing to do with NSS. Clicking on the link on http://jsfiddle.net/as03ohoc/39/ doesn't work, but clicking on it on http://f...
- Tue May 12, 2015 8:40 am
- Forum: NoScript Development
- Topic: [Invalid] Error with window.open and 24ESR
- Replies: 2
- Views: 1445
[Invalid] Error with window.open and 24ESR
Firefox 24ESR, NoScript 2.6.9.22 Default options http://jsfiddle.net/as03ohoc/39/ Allowed jsfiddle.net, jshell.net, togetherjs.com Clicking on "open window" should open a new window, but instead NoScript throws this error: Timestamp: 12.05.2015 10:39:26 Error: NS_ERROR_FAILURE: Component r...
- Thu May 29, 2014 3:28 pm
- Forum: NoScript Development
- Topic: Script blocked even when using "Allow scripts globally"
- Replies: 2
- Views: 1494
Script blocked even when using "Allow scripts globally"
On http://www.mywirecard.com/mastercard.html NS 2.6.8.26 blocks the following: [NoScript] Blocking cross-site Javascript served from http://jqueryjs.googlecode.com/files/jquery-1.3.2.js with wrong type info text/plain, attachment; filename="jquery-1.3.2.js" and included by http://www.mywir...
- Fri Feb 28, 2014 3:29 pm
- Forum: NoScript Development
- Topic: Closing plugin-placeholders shouldn't collapse their area
- Replies: 6
- Views: 3023
Re: Closing plugin-placeholders shouldn't collapse their are
Wow, thanks working fine. Much appreciated. I got a question: I don't know if this is within the scope of NS, but would it be possible to also show the placeholder when no flash-plugin (or other plugin) is installed? I'm asking because Firefox's built-in click-to-play-mechanic is interfering with th...
- Tue Feb 25, 2014 9:38 pm
- Forum: NoScript Development
- Topic: Closing plugin-placeholders shouldn't collapse their area
- Replies: 6
- Views: 3023
- Tue Dec 17, 2013 10:41 am
- Forum: NoScript Development
- Topic: NS + Australis and Classic Theme Restorer
- Replies: 1
- Views: 1356
NS + Australis and Classic Theme Restorer
When the NS-icon is placed into CTR's addonbar-replacement, the context-menu is the wrong way around, see: http://forums.mozillazine.org/viewtopic ... #p13250747 and the three following replies.