Wacky XSS Script HELP SOS!

Ask for help about NoScript, no registration needed to post
Sad Big Daddy

Wacky XSS Script HELP SOS!

Post by Sad Big Daddy » Tue Dec 05, 2017 2:48 pm

NoScript XSS Warning

NoScript detected a potential Cross-Site Scripting attack

from [...] to https://fthmb.tqn.com.

Suspicious data:

(URL) https://fthmb.tqn.com/Q-GOXtgRsPkQrcfH9YIs_iZ3eYc=/1001x1001/filters:fill(auto,1)/lifewire_pin_default-5...

Block this request
Always block document requests from [...] to https://fthmb.tqn.com
Allow this request
Always allow document requests from [...] to https://fthmb.tqn.com

I get this warning and another similar one, with a different website. It continuously pops up, no matter what I do. The two pop ups have occurred about 100 times between them.

Please save us and may God have mercy on our souls.
Last edited by barbaz on Tue Dec 05, 2017 3:41 pm, edited 1 time in total.
Reason: kill board-generated links
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:57.0) Gecko/20100101 Firefox/57.0

barbaz
Senior Member
Posts: 9343
Joined: Sat Aug 03, 2013 5:45 pm

Re: Wacky XSS Script HELP SOS!

Post by barbaz » Tue Dec 05, 2017 3:48 pm

Your duplicate cross-post in https://forums.informaction.com/viewtop ... =7&t=24067 has been deleted. Consider this a warning per Forum Rules #8.
Sad Big Daddy wrote:I get this warning and another similar one, with a different website. It continuously pops up, no matter what I do. The two pop ups have occurred about 100 times between them.

Please save us and may God have mercy on our souls.
Which NoScript version are you using?
What site are you on when you see the warning you posted? Or do you have the New Tab page (or similar) open?
*Always* check the changelogs BEFORE updating that important software!
-

User avatar
SyberCorp
Posts: 17
Joined: Tue Nov 14, 2017 3:05 pm
Location: Indianapolis, IN

Re: Wacky XSS Script HELP SOS!

Post by SyberCorp » Tue Dec 05, 2017 6:39 pm

barbaz wrote:Your duplicate cross-post in https://forums.informaction.com/viewtop ... =7&t=24067 has been deleted. Consider this a warning per Forum Rules #8.
Sad Big Daddy wrote:I get this warning and another similar one, with a different website. It continuously pops up, no matter what I do. The two pop ups have occurred about 100 times between them.

Please save us and may God have mercy on our souls.
Which NoScript version are you using?
What site are you on when you see the warning you posted? Or do you have the New Tab page (or similar) open?
It happens to me, too. It has happened from 10.1.3 to 10.1.5.5, that I've noticed. Every time I visit IMDB (http://www.imdb.com), for example, I get multiple popup windows about XSS attacks between IMDB and facebook.com, followed by IMDB to amazon-adsystem.com or something like that. Sometimes they're between IMDB and other parts of IMDB for image hosting. I hit "Always allow" on the first one, and "Always block" on the second one (or any about ads), but they come back upon every visit, like NoScript isn't properly saving user responses about XSS.

These are the 2 warnings that I get just from visiting imdb.com (without even getting as far as searching for anything).

https://imgur.com/a/PcLPD

https://imgur.com/a/8GfIx

It doesn't matter if I always allow the request, I will get them again once I close my browser and I go to the site.
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0

User avatar
SlowSKier505
Posts: 5
Joined: Wed Dec 06, 2017 4:22 pm

Re: Wacky XSS Script HELP SOS!

Post by SlowSKier505 » Wed Dec 06, 2017 4:44 pm

This happens to me too. I'm using 10.1.5.5. It's almost always a Facebook request from a news site (The NYT, Washington Post, etc.). No matter what I select, Allow, Block, Always Allow, or Always Block (Always Block is what I want), it continues to periodically repeat the warning.

Here's an example:

https://i.imgur.com/bw6CRT7.jpg
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0

Post Reply