Hi,
I am hoping someone can help me figure out how to write an XSS Expression or find away to view my own web site when I am at home. I have an Apache Web Server running on my local home net work and when I'm at one of my local worksations NoScript will not let me view the site, it pops up a warning that ABE or one of the advanced setting is preventing the page for loading. The only way to get around it is to Disable it or allow Global Scripts (Dangerous). I want to keep as many of the protections offered by NoScript running but still be able to upload, download and perform maintenance to the the site. Any suggestion or recommendations will be great appreciated.
Thank You,
Jay Kinkade
[Resolved] XSS Exspression for Server Running On Local IP
[Resolved] XSS Exspression for Server Running On Local IP
Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0
-
Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: XSS Exspression for Server Running On Local IP
Could you please post here the exact message(s) you get from ABE?
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0
Re: XSS Exspression for Server Running On Local IP
Thanks for your quick response, sorry I should have been more clear. Here is the warning message I get when I try to load my forum page:
'Request {GET https://www.tictoctunes.com/forum/index.php?sid=somesid <<< https://www.tictoctunes.com/forum/ -6} filtered by ABE: <LOCAL> Deny'
The CSS style sheet does not load. Can I just put 'accept from local' under the User tab of the ABE options? It seems to be listed for System ?
Thanks Again for your help.
Jay
'Request {GET https://www.tictoctunes.com/forum/index.php?sid=somesid <<< https://www.tictoctunes.com/forum/ -6} filtered by ABE: <LOCAL> Deny'
The CSS style sheet does not load. Can I just put 'accept from local' under the User tab of the ABE options? It seems to be listed for System ?
Thanks Again for your help.
Jay
Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0
Re: XSS Exspression for Server Running On Local IP
No, 'Accept from local' won't work, because as you say, it's already in the system ruleset. ABE must be getting confused about what is and isn't local.Jahzoone wrote:Thanks for your quick response, sorry I should have been more clear. Here is the warning message I get when I try to load my forum page:
'Request {GET https://www.tictoctunes.com/forum/index.php?sid=somesid <<< https://www.tictoctunes.com/forum/ -6} filtered by ABE: <LOCAL> Deny'
The CSS style sheet does not load. Can I just put 'accept from local' under the User tab of the ABE options? It seems to be listed for System ?
You could try changing the system rule to:
Code: Select all
Site LOCAL
Accept from LOCAL
Accept from https://www.tictoctunes.com
Deny
Code: Select all
Site LOCAL https://www.tictoctunes.com
Accept from LOCAL
Accept from https://www.tictoctunes.com
Deny
Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:18.0) Gecko/20100101 Firefox/18.0
Re: XSS Exspression for Server Running On Local IP
OK, I'll give that a try tonight when I get home and post the results tomorrow. Thanks for the sugeestion 
Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0
Re: XSS Exspression for Server Running On Local IP
I am pleased to report that adding the line 'Accept from https://www.tictoctunes.com' to the ABE System Rules did the trick. Now the pages load and I have no warning messages. Thank you to everyone who help with this thread 
Best Regards,
Jay Kinkade
Best Regards,
Jay Kinkade
Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0