XSS Warning on Background Tab that loads Media

Ask for help about NoScript, no registration needed to post
User avatar
therube
Ambassador
Posts: 7405
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

XSS Warning on Background Tab that loads Media

Post by therube » Sat Jul 27, 2019 5:29 pm

XSS Warning on Background Tab that loads Media

Oh, no idea what I'm talking about, but I think it's something like that.

Error: Exceeded 20000ms timeout

Thinking that on a media page that auto-plays, if you open multiple links in background tabs, then don't interact with them until > 20000ms, well...


Kind of like how in NoScript 5, ClearClick blocks page refresh until focus is returned to the page (if it was elsewhere).
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.5

barbaz
Senior Member
Posts: 9139
Joined: Sat Aug 03, 2013 5:45 pm

Re: XSS Warning on Background Tab that loads Media

Post by barbaz » Sun Jul 28, 2019 2:35 am

Could you please post the full content of one of these XSS warnings?
*Always* check the changelogs BEFORE updating that important software!
-

User avatar
therube
Ambassador
Posts: 7405
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: XSS Warning on Background Tab that loads Media

Post by therube » Sun Jul 28, 2019 4:57 pm

Got multiple here, then tried to reproduce & couldn't.

Other times that I've gotten similar (I simply tend to dismiss) it was often something like sitename & sitenamecdn which I likened to ClearClick like behavior. So this one is a bit different in that respect.

Code: Select all

NoScript detected a potential Cross-Site Scripting attack

from https://www.crunchyroll.com to https://www.facebook.com.

Suspicious data:

Error: Exceeded 20000ms timeout,(URL) https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https://staticxx.facebook.com/connect/xd_arbiter.php?version=44#cb=f3280f318562486&domain=www.crunchyroll.com&origin=https%3A%2F%2Fwww.crunchyroll.com%2Ff37a56209ec1534&relation=parent.parent&container_width=300&href=https://www.facebook.com/Crunchyroll&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=true
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.5

Post Reply