Potential Identity Leak with Version 11.4.13

Ask for help about NoScript, no registration needed to post
Skeezix
Senior Member
Posts: 95
Joined: Fri Jan 21, 2011 1:23 am

Potential Identity Leak with Version 11.4.13

Post by Skeezix »

I keep getting Potential Identity Leak warnings when I visit sites that I've visited many times in the past. I'm using version 11.4.13. One of the sites is "answers.microsoft.com".

What changed in NoScript and how can I go to these sites without seeing the message?

Also, when trying to make a new post I get this message: "Ooops, something in your posting triggered my antispam filter...
Please use the "Back" button to modify your content and retry." No matter what I do I keep getting the message.

Why is that?
* HP Pavilion Desktop 510-p114
* Windows 10 Home 22H2 19045.3208
* Firefox 115.0.2 Thunderbird 112.13.0
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0
barbaz
Senior Member
Posts: 10834
Joined: Sat Aug 03, 2013 5:45 pm

Re: Potential Identity Leak with Version 11.4.13

Post by barbaz »

Skeezix wrote: Sun Dec 04, 2022 7:34 pm I keep getting Potential Identity Leak warnings when I visit sites that I've visited many times in the past. I'm using version 11.4.13. One of the sites is "answers.microsoft.com".

What changed in NoScript and how can I go to these sites without seeing the message?
So this started when you upgraded NoScript to 11.4.13? What NoScript version were you using before?

What do you have set for NoScript Options > Advanced, "Cross-tab identity leak protection"?
*Always* check the changelogs BEFORE updating that important software!
-
Skeezix
Senior Member
Posts: 95
Joined: Fri Jan 21, 2011 1:23 am

Re: Potential Identity Leak with Version 11.4.13

Post by Skeezix »

Hi barbaz,

It started when I updated version 11.4.11 to 11.4.13. I don't believe I ever ran 11.4.12.

"Cross-tab identity leak protection" is set to "Enabled everywhere" (the default). I don't change anything when I update NoScript.
* HP Pavilion Desktop 510-p114
* Windows 10 Home 22H2 19045.3208
* Firefox 115.0.2 Thunderbird 112.13.0
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0
barbaz
Senior Member
Posts: 10834
Joined: Sat Aug 03, 2013 5:45 pm

Re: Potential Identity Leak with Version 11.4.13

Post by barbaz »

Skeezix wrote: Sun Dec 04, 2022 9:51 pm "Cross-tab identity leak protection" is set to "Enabled everywhere" (the default).
Image
The default I get is "Enabled in Private Browsing only". Does changing to that help?
*Always* check the changelogs BEFORE updating that important software!
-
Skeezix
Senior Member
Posts: 95
Joined: Fri Jan 21, 2011 1:23 am

Re: Potential Identity Leak with Version 11.4.13

Post by Skeezix »

This morning I changed the selection to "Disabled" and that fixed the problem. I'll change that to "Enabled in private browsing" and see if that works (it prolly will).
Thank you for your help with this!
* HP Pavilion Desktop 510-p114
* Windows 10 Home 22H2 19045.3208
* Firefox 115.0.2 Thunderbird 112.13.0
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0
Anon564

Re: Potential Identity Leak with Version 11.4.13

Post by Anon564 »

Why can't there be an OPTION to have this enabled ALWAYS but still able to set it to choose anonymous loading automatically?

I have this too since the update, but I kind of like the setting to be enabled, but we have to keep clicking "ok" each time in order to have it load anonymously.

There should really be an option that circumvents the necessity to click ok every time, lest this option is effectively useless due to pure annoyance.

I want this enabled but can't have it without being constantly annoyed by the popup.
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36
barbaz
Senior Member
Posts: 10834
Joined: Sat Aug 03, 2013 5:45 pm

Re: Potential Identity Leak with Version 11.4.13

Post by barbaz »

Anon564 wrote: Fri Jan 20, 2023 6:24 pm Why can't there be an OPTION to have this enabled ALWAYS but still able to set it to choose anonymous loading automatically?
That is an interesting idea, and would be a good idea if a couple other things would change first:

1) Currently the dialog is the only way to make cross-tab identity leak protection decisions for individual site pairs. Probably NoScript Options would need to get a UI for view/add/edit/delete the individual cross-tab identity leak protection decisions.

2) viewtopic.php?p=105923#p105923
Having that happen automatically would be bad in several ways, especially if happened without any notice that cross-tab identity leak protection took action. The Containers idea proposed in the linked thread would address these concerns too.
Anon564 wrote: Fri Jan 20, 2023 6:24 pm There should really be an option that circumvents the necessity to click ok every time, lest this option is effectively useless due to pure annoyance.

I want this enabled but can't have it without being constantly annoyed by the popup.
I too am starting to find the warnings tiresome. Not good, since this type "annoyance" tends to result in users not reading the warning enough before clicking the option(s) to dismiss it. Thanks for bringing this up.
*Always* check the changelogs BEFORE updating that important software!
-
Post Reply