The just-released 2.9.0.5 still has this problem.barbaz wrote:Actually does latest development build 2.9.0.5rc3 still have this problem?
Search found 4 matches
- Thu Mar 17, 2016 6:35 pm
- Forum: NoScript Support
- Topic: XSS false positive breaks OpenID on stackexchange sites
- Replies: 8
- Views: 4058
Re: XSS false positive breaks OpenID on stackexchange sites
- Tue Aug 04, 2015 12:06 am
- Forum: NoScript Support
- Topic: XSS false positive breaks OpenID on stackexchange sites
- Replies: 8
- Views: 4058
Re: XSS false positive breaks OpenID on stackexchange sites
FYI, I don't remember this being a problem when I logged in to stackexchange yesterday. Unless my memory is failing me, it's probably related to a new login system that they apparently patched today.
- Mon Aug 03, 2015 11:56 pm
- Forum: NoScript Support
- Topic: XSS false positive breaks OpenID on stackexchange sites
- Replies: 8
- Views: 4058
Re: XSS false positive breaks OpenID on stackexchange sites
Done.Giorgio Maone wrote:Could you please PM or email me the exact [NoScript XSS] and [InjectionChecker] messages you get in the browser console?
Thanks!
- Mon Aug 03, 2015 10:02 pm
- Forum: NoScript Support
- Topic: XSS false positive breaks OpenID on stackexchange sites
- Replies: 8
- Views: 4058
XSS false positive breaks OpenID on stackexchange sites
NoScript 2.6.9.34's XSS protection currently breaks OpenID login on stackexchange (and sister sites including stackoverflow.com). I'm testing with a launchpad.net OpenID. The browser console shows several "[NoScript XSS] Sanitized suspicious request" messages, a yellow banner says "No...