Page 1 of 1
XSS - how to block any requests
Posted: Tue Dec 05, 2017 6:13 am
by PeterL
Hi.
I'm using FF 57.0.1 and NS 10.1.5.3
I'm getting a large number of XSS warnings from just about every page. I'm choosing "Always block document requests from ... to ... adservice.google.com" (and similar)
How to I place a blanket XSS block from any website to adserve, facebook, twitter, etc?
Thanks for your help.
Peter
Re: XSS - how to block any requests
Posted: Tue Dec 05, 2017 7:00 am
by Just_Golem
have you tried 10.1.5.5 that has come out. Many XSS quirks have been solved with 10.1.5.4 and 10.1.5.5
Re: XSS - how to block any requests
Posted: Tue Dec 05, 2017 2:07 pm
by djl47
I've neen getting what look like false positive XSS warnings.
For example there were several of these stacked one on top of another (outbrain was set to default so how could it crossite script itself?):
Code: Select all
NoScript detected a potential Cross-Site Scripting attack
from http://widgets.outbrain.com to https://widgets.outbrain.com.
Suspicious data:
window.name
Re: XSS - how to block any requests
Posted: Tue Dec 05, 2017 9:10 pm
by PeterL
Just_Golem wrote:have you tried 10.1.5.5 that has come out. Many XSS quirks have been solved with 10.1.5.4 and 10.1.5.5
Thanks Just_Golem. Have just installed 10.1.5.5. Will try that today.
PeterL
Re: XSS - how to block any requests
Posted: Wed Dec 06, 2017 6:00 pm
by SlowSKier505
Re: XSS - how to block any requests
Posted: Thu Dec 14, 2017 3:12 am
by Niubi
I've been getting the same warning every time i open my Firefox 57.0.2 (latest ver). That xss cross site scripting: fhtmb.tqn.com, registered to Fastly. I don't recall I ever use Fastly.
False positive or it is a threat?