Imageshack clickjack warning

[jason67]

Imageshack brings up a clickjack warning when I try to upload. I know it's probably nothing, but I know they have been hacked in the past, so I could use some reassurance. Is this a false alarm?

Thanks in advance.

[Alan Baxter]

http://noscript.net/faq#clearclick
Click on the image in the ClearClick Warning dialog a few times. If the image in both views is substantially the same, then it's probably a false alarm. If you think it is a false alarm, uncheck Keep this element locked.

In any event, would you click the Report button in the warning dialog? That will send a report to the NoScript developer and put a Report ID in the dialog. Please post back here with the Report ID.

[jason67]

report id: 696813

FWIW it only brings up the warning if i allow imageshack.us

if i visit the site as is, clicking "browse" gives no warning and immediately brings up my files as per usual

[Alan Baxter]

Thank you for the report id. Giorgio will check it out. By the way, are the two images substantially the same?

Edit: I added the following to my previous post.

If you think it is a false alarm, uncheck Keep this element locked.

[jason67]

Yes. In the original image there is no wording. When I click on the image I get a portion of wording from the orignal web page.

[Alan Baxter]

FWIW it only brings up the warning if i allow imageshack.us

if i visit the site as is, clicking "browse" gives no warning and immediately brings up my files as per usual

I just uploaded an image to my imageshack.us account with imageshack.us Allowed in NoScript. I can't reproduce your ClearClick warning.

[jason67]

Weird. I wasn't having any problems until today when I reset my noscript preferences and permissions. Until then I was using my firefox bookmark toolbar to connect to imageshack.us (old version). I've since removed the bookmark, and have only tried visiting the site directly. FWIW I have also not been able to access the old version since.

Maybe try removing any bookmarks/cookies to see if you can reproduce?

[Alan Baxter]

I'm testing in a clean dedicated testing profile that has only NoScript 1.9.9.35 installed. NoScript preferences and whitelist are the default, except imageshack.us is Allowed. Cookies are allowed, but the cookies and cache are cleared each time I restart the browser for a new test, like this one. I'm not using a bookmark. I entered http://imageshack.us/ in the URL bar. Are you loading the site a different way?

I just noticed you're using an old version of Firefox, Fx 3.5.5. Could you update to Fx 3.5.7 and retest? I assume you're using the current version of NoScript. Clear your cache with Tools > Options > Advanced > Network > Clear Now. Delete any imageshack.us cookies from the Cookies dialog: Tools > Options > Privacy > Show Cookies. Does you're problem persist if you use the default theme and disable all other extensions except NoScript? What if you install just NoScript in a test profile? Do you still get the ClearClick warning?

[jason67]

ok I updated FF to the latest version, but I'm still getting the clickjack warning. I even turned off adblock, but still the same. I did everything else you suggested including clearing cookies and cache. I also clicked directly from your link. Very strange.

new report id: 696963

[Alan Baxter]

We're both using the same version of Firefox on the same OS. Since we're getting different results, I suspect you didn't do it the same way I did. Please do the following:
- Create a new profile. Name it something like "Imageshack test". Don't change any of its settings. http://kb.mozillazine.org/Creating_a_ne ... on_Windows
- Install NoScript 1.9.9.35, the current version, in the new profile from https://addons.mozilla.org/en-US/firefox/addon/722
- Enter imageshack.us in the URL bar.
- Temporarily Allow imageshack.us using the NoScript menu.
- Click the Browse button

Result: A Windows file picker dialog pops up. I do not get a ClearClick warning. Do you get a different result if you follow these instructions exactly?

[jason67]

Thankyou Alan. I did that and it works fine now, no clearclick warning. The default profile still gets it however, so I just have to deduce what the heck the difference is. Thanks for all your help.

[Alan Baxter]

You're welcome, Jason. Now the fun begins. Let me know if you're able to track down the cause.

[jason67]

Will do.

[jason67]

Ok I’ve officially given up. I’ve tried everything to reproduce the warning with the second profile, but I still can’t pinpoint the cause. I’ve duplicated every single setting in FF, NoScript, and Adblock Plus. I made sure all the plug-ins were the same/enabled, and even imported my bookmarks. It’s obviously not a big deal, but my curiosity got the best of me.

Anyway…I’ve accepted defeat, and just deleted the default profile.

Thanks again for all your help Alan.

[Alan Baxter]

You're welcome. Did you try rebooting your computer? Sometimes that fixes things.
Just kidding. Thank you for hanging in there and giving it the old college try.