InformAction Forums

(it does get the record, it just can't direct me to the actual target page?) No, otherwise bypassing ABE to do CSRF would be as simple as making the CSRF request a redirection. It can't work that way. The site never receives the request, so doesn't get the record. Don't know if that's so. As an exa...

Hi! This has been bugging me a lot occasionally. When there's ABE rule, that Allow certain pages, but Deny rest, any redirections outside of the allowed sites get blocked. That's fine, I anyways have things like "tradedoubler" blocked, so I don't mind that it doesn't get a record of my act...

barbaz wrote:Does that clarify it for you?

If you simply would have said earlier that NoScript simply visits WANIP:80, I would have understood so much quicker. That's rather odd behavior for the modem.

Darn I feel silly.

I don't see how it has anything to do with obtaining my WAN IP that NoScript contacts to my LAN server. NoScript fingerprints your WAN IP - meaning, your modem. As part of it, it checks a certain port. The modem detects a request on said port, and forwards it to your local server, because you have ...

I think NoScript is fingerprinting the device on your WAN IP so that it can protect it better - notably, as said in one the already linked articles, it checks every 5 minutes or so to see if the fingerprint changed, and if it has, it re-obtains the WAN IP. It's maybe also checking to see if you're ...

I edited my questions to a single question, to prevent any further answers telling me what I already know. Dont' get me wrong, Rollo and Thrawn, I do appreciate the effort, but your answers aint helping. I'm fully aware (after reading related documentation even before my first post ) that NoScript v...

Probably this: https://hackademix.net/2010/07/28/abe-patrols-the-routes-to-your-routers/ I've also read the post where the URL in user-agent string points to, thus I have some idea about what's going on. https://hackademix.net/2010/08/01/al_9x-was-right-my-router-is-safe/ As I expected when I first...

Hi! I have a home server (Debian) in my LAN, and have set a port-forwarding from my VDSL-modem so that the www-part could be reached from WAN. I've been browsing the access-log, and editing fail2ban jail-filter to block out bots (and gosh they're plenty). But I find this rather odd: xxx.xxx.xxx.xxx ...

... Pity it can't be self-disappearing with set time-limit, like blocked scripts notification. That's actually a very good idea, and unless I'm mistaken, would require much less modification of the code than the existing TODO of configuring the ABE notifications always to stay inside the screen and...

"pyyntö" translates to "request", per an online dictionary. Very correct. @ F-3000 : Until this is fixed, you can disable the notifications in NoScript Options > Notifications . Uncheck "ABE". When the page is blocked, you can read the error message in Error Console (C...

When I opened a certain page, the NoScript-notify that informed about blocked facebook-content caused that the browser GUI stretched so that it became impossible to even close the notify. The page that triggered the notify had auto-center for the content-element, so it became unbrowseable for half o...

Seems to be working, thank you.

Thrawn wrote:

Code: Select all

Accept from .google.com .google.com.au .youtube.com
Accept from ^moz-nullprincipal:\{.*}

Does this really work? I mean both, two Accept-lines, and the moz-nullprincipal?

Giorgio Maone wrote:As soon as I can do it (if it's possible) I'm gonna treat them as "same origin", as it was before.

I hope it'll be possible. Until then, I'll just turn the USER-rules off.

[ABE] <.facebook.com .facebook.net .fbcdn.com .fbcdn.net> Anonymize on {GET https://www.facebook.com/ <<< moz-nullprincipal:{dacad0e7-7c2a-4dee-874c-f791d9d64374} - 6} I keep getting similar block with everything I have ABE rule with, when trying to enter the site. Pyyntö {GET https://www.facebook....