False XSS warning.

Ask for help about NoScript, no registration needed to post
geeknik
Posts: 2
Joined: Fri Apr 03, 2009 12:54 am

False XSS warning.

Post by geeknik » Fri Apr 03, 2009 1:00 am

I'm using the bookmarklet from http://reg.imageshack.us/content.php?page=transloader to upload images to imageshack.us from another site w/o having to save the image to my drive. However, I get this error when trying to do so.

[NoScript XSS] Sanitized suspicious upload to [http://imageshack.us/transload.php] from [moz-nullprincipal:{36973df9-b5cc-46f8-8262-7d222fbd20b1}]: transformed into a download-only GET request.

I have allowed imageshack.us and I have temporarily allowed the site I'm uploading the image from. Any ideas?
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b4pre) Gecko/20090402 Shiretoko/3.5b4pre

User avatar
Giorgio Maone
Site Admin
Posts: 8716
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:

Re: False XSS warning.

Post by Giorgio Maone » Fri Apr 03, 2009 1:10 am

Either forbid imageshack.us (not sure if it's feasible for other operations) or add the following line to NoScript Options|Advanced|XSS exceptions:

Code: Select all

^http://imageshack\.us/transload\.php$
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8 (.NET CLR 3.5.30729)

geeknik
Posts: 2
Joined: Fri Apr 03, 2009 12:54 am

Re: False XSS warning.

Post by geeknik » Fri Apr 03, 2009 1:18 am

Thanks. Adding that code worked. :)
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b4pre) Gecko/20090402 Shiretoko/3.5b4pre

Post Reply