recurring XSS popup??

Ask for help about NoScript, no registration needed to post
lancelot

Re: recurring XSS popup??

Post by lancelot » Sun Feb 11, 2018 3:18 pm

The warnings for imdb are finally gone. But now I ran into this:

http://www.telegraph.co.uk/culture/book ... eview.html

gives

NoScript detected a potential Cross-Site Scripting attack
from [...] to http://www.telegraph.co.uk.
Suspicious data:
(URL) http://www.telegraph.co.uk/culture/book ... eview.html

What does Suspicious data: URL even mean?
Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0

Guest

Re: recurring XSS popup??

Post by Guest » Thu Jul 11, 2019 8:44 am

It is july 2019 now, running Noscript on Firefox.
This problem with XSS warnings grew over the years, and today it reaches the limit. The end game now is that I cannot click any site in Google (even Google itself) or I need to add it to the 'allowed' list. Even already loaded tabs that I revisit needs it.
One day my memory will be full...

This has become a pointless mechanism.

Noscript has more problems: even with everything trusted on a site, in some cases some parts can be kept blocked without you knowing. Only turning off Noscript will allow you to see them then. It has been that way for years.
Mozilla/5.0 (Windows NT 6.1; rv:67.0) Gecko/20100101 Firefox/67.0

User avatar
therube
Ambassador
Posts: 7384
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: recurring XSS popup??

Post by therube » Thu Jul 11, 2019 11:36 am

(Was on Yahoo the other day, I was getting a seemingly "endless" number of XSS warnings there, simply by scrolling down the page...?
I simply ignored the popups, best I could. Don't know what triggered it. Doesn't seem to be happening currently.
Maybe there was a rightful reason it was occurring?)
even with everything trusted on a site, in some cases some parts can be kept blocked without you knowing
Where?
It was noted before, that sometimes that occurred with 'disable restrictions for this tab', where 'allow globally' worked.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.5

barbaz
Senior Member
Posts: 9094
Joined: Sat Aug 03, 2013 5:45 pm

Re: recurring XSS popup??

Post by barbaz » Thu Jul 11, 2019 1:49 pm

Guest wrote:
Thu Jul 11, 2019 8:44 am
This has become a pointless mechanism.
Would've been a lot easier for you to just disable the XSS filter than waste time ranting on this forum, wouldn't it?
Guest wrote:
Thu Jul 11, 2019 8:44 am
Noscript has more problems: even with everything trusted on a site, in some cases some parts can be kept blocked without you knowing. Only turning off Noscript will allow you to see them then. It has been that way for years.
Vague ranting isn't going to get you any help.
*Always* check the changelogs BEFORE updating that important software!
-

Post Reply