Search found 44 matches

by pal1000
Mon Mar 07, 2022 2:30 pm
Forum: NoScript Development
Topic: [Firefox] NS11.3.x - Some domains are not listed sometimes
Replies: 4
Views: 2207

Re: [Firefox] NS11.3.x - Some domains are not listed sometimes

I tested this further and I noticed that going to cool-etv.net home page, then opening an affected channel in a new tab like I did in video increases odds of reproducibility. I also believe this may be a timing / race condition issue that is more likely to affect slower devices more often. I saw rar...
by pal1000
Thu Mar 03, 2022 10:53 pm
Forum: NoScript Development
Topic: [Firefox] NS11.3.x - Some domains are not listed sometimes
Replies: 4
Views: 2207

Re: [Firefox] NS11.3.x - Some domains are not listed sometimes

All about:config modified settings - https://pal1000.github.io/shared/bugreports/about_config.txt Other extension: Browsec VPN (disabled) I am pretty sure the problem was there before installing Browsec on February 22. about:config manually modified settings: dom.popup_allowed_events extensions.pock...
by pal1000
Thu Mar 03, 2022 4:48 pm
Forum: NoScript Development
Topic: [Firefox] NS11.3.x - Some domains are not listed sometimes
Replies: 4
Views: 2207

[Firefox] NS11.3.x - Some domains are not listed sometimes

Similar report but not necessarily same issue - https://forums.informaction.com/viewtopic.php?f=10&t=26553 I encountered this all around 11.3.x development including 11.3.7. Reproduced on https://www.cool-etv.net/ (https://cdnjs.cloudflare.com is not listed, see video). Video reproducer: https:/...
by pal1000
Wed Jun 17, 2020 9:28 pm
Forum: NoScript Development
Topic: GET request over file protocol glitch
Replies: 0
Views: 4028

GET request over file protocol glitch

Create a HTML document and open it over file protocol with a random GET request payload, per testcase itself: <html> <head> <title>NoScript - GET request over file protocol glitch</title> </head> <body> <script> document.write('Open this page with a random GET request and this active content won&...
by pal1000
Fri Jun 14, 2019 7:49 pm
Forum: NoScript Support
Topic: [Answered] What happened with NoScript json options xssBlockUnscannedPOST and xssScanRequestBody
Replies: 3
Views: 1794

Re: Asking about NoScript json options xssBlockUnscannedPOST and xssScanRequestBody

Thanks both for answering. It looks like my guess was right. I marked this question topic as answered.
by pal1000
Fri Jun 14, 2019 10:54 am
Forum: NoScript Support
Topic: [Answered] What happened with NoScript json options xssBlockUnscannedPOST and xssScanRequestBody
Replies: 3
Views: 1794

[Answered] What happened with NoScript json options xssBlockUnscannedPOST and xssScanRequestBody

I have a relatively old noscript_data.txt from 10.6.2 release candidates period backed up with these 2 options: xssScanRequestBody is true and xssBlockUnscannedPOST is false. I also noticed that a fresh copy of Noscript 10.6.3rc7 doesn't create these options in its configuration json anymore and the...
by pal1000
Fri May 24, 2019 7:01 am
Forum: NoScript Support
Topic: [Resolved] Just a false positive please ignore
Replies: 2
Views: 1803

Re: Some sites require some permissions in default preset to work even if same permissions are granted by trusted preset

Well, this is embarrassing. I got the impression that allowing www.googleapis.com didn't help but I was wrong.
by pal1000
Thu May 23, 2019 11:04 am
Forum: NoScript Support
Topic: [Resolved] Just a false positive please ignore
Replies: 2
Views: 1803

[Resolved] Just a false positive please ignore

I personally believe this is a bug. It only affects Firefox. Some examples to reproduce with: - https://storage.googleapis.com/chromium-browser-snapshots/index.html - https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.html For any of these 2 pages if default preset doesn't hav...
by pal1000
Sun Jul 29, 2018 9:14 am
Forum: NoScript Development
Topic: [FIXED]Cannot act on unprivileged content in privileged page
Replies: 1
Views: 3939

[FIXED]Cannot act on unprivileged content in privileged page

It is possible for privileged pages to load unprivileged content. Most obvious example that comes to mind is a web page served over file protocol. It can contain anything so it can load unprivileged content. Noscript should be able to act on unprivileged content and notify the user that there is pri...
by pal1000
Fri Apr 27, 2018 3:22 pm
Forum: NoScript Development
Topic: [Fixed] 10.1.8.1RC3 - Missing frames popup content
Replies: 2
Views: 2271

Re: [Fixed] 10.1.8.1RC3 - Missing frames popup content

Thanks for the quick fix. It appears I was beaten to it when reporting this, but it's unsurprising considering this was a pretty nasty one as it breaks most HTML5 videos and audio.
by pal1000
Fri Apr 27, 2018 2:21 pm
Forum: NoScript Development
Topic: [Fixed] 10.1.8.1RC3 - Missing frames popup content
Replies: 2
Views: 2271

[Fixed] 10.1.8.1RC3 - Missing frames popup content

The popup list no longer shows domains accessed from frames. This is a regression in 10,1.8.1rc3. I was able to easily reproduce this here: https://www.helpnetsecurity.com/2018/04/27/fortanix-runtime-encryption/ There is a soundcloud player in an iframe there but you won't be able to activate it usi...
by pal1000
Sat Apr 14, 2018 8:43 am
Forum: NoScript Support
Topic: [RESOLVED] NoScript Update feed
Replies: 20
Views: 11266

Re: NoScript Update feed

This is the one I was looking at https://noscript.net/feed?all You linked it somewhere on 1st page, maybe it was a mistake or you made changes to feeds location and the post became out-of-date. Here is the post I am talking about: https://forums.informaction.com/viewtopic.php?f=7&t=24136#p96028 ...
by pal1000
Fri Apr 13, 2018 8:46 am
Forum: NoScript Support
Topic: [RESOLVED] NoScript Update feed
Replies: 20
Views: 11266

Re: NoScript Update feed

The all releases feed is broken. It shows the same content as stable feed.
by pal1000
Thu Apr 05, 2018 1:21 pm
Forum: NoScript Development
Topic: NS10: TRUSTED<->TEMP TRUSTED no reload needed
Replies: 5
Views: 3874

NS10: TRUSTED<->TEMP TRUSTED no reload needed

There is no need to reload the webpage when permission change from trusted to temp trusted or other way around.