Trying to visit e.g. https://web.archive.org/web/20160115151 ... uthor/John with NoScript 11.2.4rc1 spams so many requests to archive.org that they temporarily banned my IP. These request are to their archived versions of twemoji.maxcdn.com SVGs.
These requests do not happen with NoScript 11.2.3.
How to stop this?
EDIT Downgrading to 11.2.3 has made *all* my browsing MUCH faster. I suspect this is not the only site that 11.2.4rc1 is DoSing.
[Fixed] 11.2.4rc1 DoS's some sites
[Fixed] 11.2.4rc1 DoS's some sites
*Always* check the changelogs BEFORE updating that important software!
-
-
- Master Bug Buster
- Posts: 244
- Joined: Wed Jan 10, 2018 7:37 am
Re: 11.2.4rc1 DoS's some sites
Get the same problem. Though, there are lots of pages where I see no prefetching even when I would expect it. Are all CSS resources supposed to be prefetched or what are the conditions?
Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: 11.2.4rc1 DoS's some sites
- It's supposed to fetch all the resources referenced by all the stylesheets in the page at once (causing this problem in situations when the resources are many more than those actually supposed to be used by the site): the work around is prefetching just one for each subdomain, the way I had originally implemented but discarded in RC1, hoping to avoid this "odd" behavior which can reveal site owners you're using NoScript. On the other hand, there are plenty ways to tell already, so I'm reverting to my first idea.
- The missing resources are from cross-site stylesheets, which cannot be easily parsed because of security restrictions. I'm working around this as well, by limiting this mitigation to scriptless pages only (where it makes sense, because JavaScript is much more easy and accurate at doing the same job) and overriding CORS there for stylesheets, which anyway then could be accessed only by privileged code such as NoScript.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:87.0) Gecko/20100101 Firefox/87.0
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: 11.2.4rc1 DoS's some sites
Please check [ldb], thanks.
v 11.2.4rc2
============================================================
x [nscl] Switch to NSCL for messaging
x [nscl] Rollback unneded window.opener patching (thanks
skriptimaahinen for insight)
x CSS PP0 mitigation: cross-site stylesheets on scriptless
pages, one resource per host
x Limit CSS PP0 mitigation to scriptless pages and prefetch
only cross-site resources
v 11.2.4rc2
============================================================
x [nscl] Switch to NSCL for messaging
x [nscl] Rollback unneded window.opener patching (thanks
skriptimaahinen for insight)
x CSS PP0 mitigation: cross-site stylesheets on scriptless
pages, one resource per host
x Limit CSS PP0 mitigation to scriptless pages and prefetch
only cross-site resources
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:87.0) Gecko/20100101 Firefox/87.0
Re: 11.2.4rc1 DoS's some sites
Fixed in 11.2.4rc2, thanks
*Always* check the changelogs BEFORE updating that important software!
-