[SOLVED]Strange XSS message

[linuser]

Mindfield 4.0b4 for linux 32bit + Noscript 2.0.1rc4 . The following message appears in the errror console since a few days :

Code: Select all

[NoScript XSS] xss.reason.[Exception... "Component returned failure code: 0x80004004 (NS_ERROR_ABORT) [nsIURI.spec]"  nsresult: "0x80004004 (NS_ERROR_ABORT)"  location: "JS frame :: chrome://noscript/content/ABE.js :: anonymous :: line 566"  data: no] --- undefined

It happened also with previous Mindfield builds ( 4.0b3 ) and Noscript 2.0

[Giorgio Maone]

Have you got any "Anon" ABE rule?

[linuser]

Have you got any "Anon" ABE rule?

Yes , I found it in a post here in the forum ...

Code: Select all

# This rules allows authentication data to be sent with requests originated
# from the same base domain, stripping it off otherwise
Site *
Accept from SELF++
Anon

[therube]

(Link to that selection, http://forums.informaction.com/viewtopi ... 394#p20394.)

[Giorgio Maone]

It seems to be due to an incompatible change in how nsIURI objects work, happened in recent trunk build.
Anon seems not to be working anymore for some requests at least, invstigating.

[linuser]

I've added the same ABE rule in another profile running Firefox 3.6.8 coming from the ubuntu mozilla security PPA and after restarting the browser I found the same XSS message in the error console.

Apart the warning , all seem to work correctly ...

EDIT : the error seems to appear apparently ONLY when visiting any *.wikipedia.org page.

[linuser]

The message doesn't appear anymore in the latest Mindfield build with Noscript v 2.0.2rc5.

I guess it can be declared as solved.