this last error had a message:
[NoScript XSS] xss.reason.Error: XSS checks couldn't complete: DOS attempt? {GET http://l40ghtcrdqj07iki5cd196mh1ocrnsj6 ... signedin=1 <<< http://www.google.com/ig?hl=en&source=iglk&refresh=1, http://www.google.com/ig?hl=en&source=iglk&refresh=1} --- Error("XSS checks couldn't complete: DOS attempt? {GET http://l40ghtcrdqj07iki5cd196mh1ocrnsj6 ... signedin=1 <<< http://www.google.com/ig?hl=en&source=iglk&refresh=1, http://www.google.com/ig?hl=en&source=iglk&refresh=1}")@:0
()@chrome://noscript/content/RequestWatchdog.js:66
()@chrome://noscript/content/Thread.js:100
XXS related RequestWatchdog.js hang
Re: XXS related RequestWatchdog.js hang
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090803 Ubuntu/9.04 (jaunty) Shiretoko/3.5.2
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: XXS related RequestWatchdog.js hang
OK, thanks. Analyzing...
In the meanwhile the following line added in the NoScript Options|Advanced|XSS exceptions box should help:
In the meanwhile the following line added in the NoScript Options|Advanced|XSS exceptions box should help:
Code: Select all
^@http://www\.google\.com/ig\b
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)
Re: XXS related RequestWatchdog.js hang
Hi, I have had the same problem with https://cernaccount.web.cern.ch, and I've tried to whitelist the site, but failed to do it properly (I'm no regex guru), and ended up finding out that the problem ceases if the "Turn cross-site POST requests into data-less GET requests" is turned off.
I'm using Slackware 12.0, firefox 3.5.2, NoScript 1.9.8.7
Hope this bit of information helps your debugging. If more is needed, I'll be glad to help.
Regards,
Renato.
I'm using Slackware 12.0, firefox 3.5.2, NoScript 1.9.8.7
Hope this bit of information helps your debugging. If more is needed, I'll be glad to help.
Regards,
Renato.
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2
Re: XXS related RequestWatchdog.js hang
How about posting the XSS message that is generated for you?
And you get it on the particular page that you posted above? Do you need to be logged in for the XSS message to generate?
And you get it on the particular page that you posted above? Do you need to be logged in for the XSS message to generate?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090825 SeaMonkey/1.1.18