InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

XSS Dialog should offer more options for request blocking

https://forums.informaction.com/viewtopic.php?t=25092

Page 1 of 1

XSS Dialog should offer more options for request blocking

Posted: Sun Jul 29, 2018 7:30 am
by KonomiKitten
Currently my xssUserChoices looks like this (Excuse the image I'm somehow triggering spam filters?):

Image

Now it's pretty obvious I don't want XSS between *.fls.doubleclick.net and adservice.google.com, but because of how they have used multiple sub domains I have to make this choice over and over. It would be nice if in the dialog NoScript drilled down a subdomain or a few to allow me to not have to keep answering the same question for this.

Re: XSS Dialog should offer more options for request blockin

Posted: Thu Aug 09, 2018 8:03 pm
by bathsheba
Yes please. Very tired of blocking these repetitive dialogs.
Thanks.

Re: XSS Dialog should offer more options for request blockin

Posted: Thu Aug 09, 2018 8:47 pm
by musonius
Wouldn't it help to block both doubleclick.net and adservice.google.com?
I see no reason to allow anything from these sites and blocking both should stop cross-site scripting and the need to block it.

Re: XSS Dialog should offer more options for request blocking

Posted: Wed Sep 16, 2020 10:24 pm
by gst812
I know this is a very old thread, but I was looking into the exact same thing and was wondering, is there a way to use wildcards in the xssUserChoices keys?
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited