Hi There,
I discovered a bug in NS when using it with online bins like anonbin or private bin..etc when i try to post very big text (software or System logs)
To Reproduce:
- Make NoScript visible in browser toolbar
- Go to https://notes.anonpaste.org/ (allow the needed script/s to make the service work)
- Add very long text to Editor (empty space), You can copy mine (uploaded as a file) which i faced the problem with:
https://notes.anonpaste.org/?b855400314 ... Lbhhr1YsBy
or from here
https://gofile.io/d/cCN2aE
- Untick "Burn after reading" and make "Expires: Never" then press on "Send"
- 2 behaviors you can notice:
* 1- Browser gonna tell you that Noscript slowing down the browser would you like to stop it?
* 2- While the page loading after pressing "Send" (as mentioned above), Press on NoScript icon in toolbar browser and go to settings= None closable page going to keep pop up
The important bug need to be fixed is not very much on 1 because maybe thats expected, The annoying part is point 2.
Tested on: (You can reproduce it with Firefox-esr if you dont want or have TB)
TorBrowser 11.0.13 (based on Mozilla Firefox 91.9.0esr) (64-bit), Security Level: Safer
NoScript version: 11.4.6
If you find it hard to reproduce i can upload a video about it.
ThX!
Posting long text to JS based Bins lead to messed up Noscript
-
- Posts: 8
- Joined: Sun May 22, 2022 2:20 pm
Posting long text to JS based Bins lead to messed up Noscript
Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0
Re: Posting long text to JS based Bins lead to messed up Noscript
Unable to confirm.
FF 91.9.0esr, new Profile, visit site, upload file (or paste data in), (2.5 MB).
No issues.
FF 100 beta1, existing Profile, visit site, upload file (or paste data in).
No issues.
(I don't have Tor on hand to test.)
FF 91.9.0esr, new Profile, visit site, upload file (or paste data in), (2.5 MB).
No issues.
FF 100 beta1, existing Profile, visit site, upload file (or paste data in).
No issues.
(I don't have Tor on hand to test.)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0 SeaMonkey/2.53.13
-
- Posts: 8
- Joined: Sun May 22, 2022 2:20 pm
Re: Posting long text to JS based Bins lead to messed up Noscript
After some time of playing with FF/NS i think i figured out the cause of it, The issue is not about long text but actually its about how many scripts going to be generated and blocked after Temp.Allow one when visiting the website then double click on Noscript (which allow the list of scripts table to popup outside in new window) <- This list will keep popping out and thus hanging/crushing the browser.
To understand what i mean more check the uploaded video: (The website i browsed is just an example)
https://gofile.io/d/fkTuO2
Note: Not all my virtual machines produced the same effect, But some of them i can reproduce the same effect every time.
Host: Debian 11
FF version: 91.10.0esr (64-bit)
NS version: 11.4.6
If you need further debugs, Just tell me.
ThX!
To understand what i mean more check the uploaded video: (The website i browsed is just an example)
https://gofile.io/d/fkTuO2
Note: Not all my virtual machines produced the same effect, But some of them i can reproduce the same effect every time.
Host: Debian 11
FF version: 91.10.0esr (64-bit)
NS version: 11.4.6
If you need further debugs, Just tell me.
ThX!
Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0
Re: Posting long text to JS based Bins lead to messed up Noscript
Not sure how you're getting that modal-like dialog box?
There have been odd times where I've gotten something like that (can't recall if NoScript related or not ?), but stuff like that does happen in FF (Quantum or whatever they call it).
Are you using any other extensions that may be affecting things?
If you disable all other extensions except for NoScript...
And/or test in a new, clean Profile with only NoScript installed...
And is this both with Tor & outside of Tor?
Oddly, in your video, the alqabas page never did load at all?
There have been odd times where I've gotten something like that (can't recall if NoScript related or not ?), but stuff like that does happen in FF (Quantum or whatever they call it).
Are you using any other extensions that may be affecting things?
If you disable all other extensions except for NoScript...
And/or test in a new, clean Profile with only NoScript installed...
And is this both with Tor & outside of Tor?
Oddly, in your video, the alqabas page never did load at all?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0 SeaMonkey/2.53.13
-
- Posts: 8
- Joined: Sun May 22, 2022 2:20 pm
Re: Posting long text to JS based Bins lead to messed up Noscript
You mean this one on the right side: (This is different FF which i can load the website with)Not sure how you're getting that modal-like dialog box?
https://gofile.io/d/dzbiOO
This can be produced if you:
Temp.Trust alqabas first script then keep double clicking on NS (similar to the video i have uploaded) then it will show up.
No, Totally fresh install FF-ESR with only NS (as shown in the video)Are you using any other extensions that may be affecting things?
Yes, Actually Tor Browser is based on FF-ESR so whatever happen there happen here (except very few exceptions), But as i have shown i can produce with FF not just with TB.And is this both with Tor & outside of Tor?
Yeah crazy, Thats why i thought its better to report it here and investigate whats causing that.Oddly, in your video, the alqabas page never did load at all?
Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0
Re: Posting long text to JS based Bins lead to messed up Noscript
Yes that is what I tried, but I'm unable to get it to "break free" on my end (Windows).Temp.Trust alqabas first script then keep double clicking on NS (similar to the video i have uploaded) then it will show up.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0 SeaMonkey/2.53.13
-
- Posts: 8
- Joined: Sun May 22, 2022 2:20 pm
Re: Posting long text to JS based Bins lead to messed up Noscript
So is there a debug mechanism to the NoScript which either can be looked at in a local file or special version of NS which has URL that send live reports or ..etc?
Because if i have this issue and you cant produce it because of different environments then we need a detailed debug way just for NS readings, If there is one please tell me how to do it.
Because if i have this issue and you cant produce it because of different environments then we need a detailed debug way just for NS readings, If there is one please tell me how to do it.
Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0