ABE blocks everything non-HTML
-
Zerofire
ABE blocks everything non-HTML
I have some pages that ABE is blocking images, CSS, and JavaScript. This is kinda annoying especially since one site is Blackboard from the institution I am attending. There is no ABE warning for these sites. To make matters worse I am not permitted to turn ABE off by my employer. On these pages if you attempt to view the code it is blank. This also seams to only happen when the server is on the same network as the computer. For example if I go to Blackboard from my employer's network everything is fine but if it is from the institutions it becomes a problem. Likewise happens for my employers site on some pages.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10
Re: ABE blocks everything non-HTML
By chance have Options | HTTPS, Force HTTPS set to Always.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.14) Gecko/20100930 SeaMonkey/2.0.9
-
Giorgio Maone
- Site Admin
- Posts: 9524
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: ABE blocks everything non-HTML
This may mean that a page located on internet is trying to load stuff from a server in your intranet.Zerofire wrote:This also seams to only happen when the server is on the same network as the computer.
Could you check whether [ABE] messages appear in Tools|Error Console?
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.2.11) Gecko/20101012 Firefox/3.6.11
-
Zerofire
Re: ABE blocks everything non-HTML
There are messages for each image and Javascript file.
[ABE] <LOCAL> Deny on {GET http://www.[site].com/css/init.css <<< http://www.[site].com/, http://www.[site].com/ - 4}
SYSTEM rule:
Site LOCAL
Accept from LOCAL
Deny
This is very strange as they are being called via a relative link from the site root and the URL of the domain is being used not a local IP.
[ABE] <LOCAL> Deny on {GET http://www.[site].com/css/init.css <<< http://www.[site].com/, http://www.[site].com/ - 4}
SYSTEM rule:
Site LOCAL
Accept from LOCAL
Deny
This is very strange as they are being called via a relative link from the site root and the URL of the domain is being used not a local IP.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.11) Gecko/20101012 Firefox/3.6.11
-
Giorgio Maone
- Site Admin
- Posts: 9524
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: ABE blocks everything non-HTML
There's only one explanation to this situation: "www.site.com" resolves both to a local and an internet IP.Zerofire wrote:There are messages for each image and Javascript file.
[ABE] <LOCAL> Deny on {GET http://www.[site].com/css/init.css <<< http://www.[site].com/, http://www.[site].com/ - 4}
SYSTEM rule:
Site LOCAL
Accept from LOCAL
Deny
This is very strange as they are being called via a relative link from the site root and the URL of the domain is being used not a local IP.
This may be intentional, or a DNS misconfiguration (it's also common in DNS rebinding attacks, and that's why ABE blocks it, but it doesn't seem to be your case).
At any rate, the work-around is inserting the following rule in the beginning of your NoScript Options|Advanced|ABE SYSTEM ruleset:
Code: Select all
Site www.site.com
Accept
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.2.11) Gecko/20101012 Firefox/3.6.11
-
Zerofire
Re: ABE blocks everything non-HTML
That's very weird as I am very sure that the URL resolves to the WAN IP and not an internal one. The systems also use external (outside the network) DNS systems so the only IP that they can see is the WAN IP and no internal IP's. This is for the site hosting and each unit as we do not maintain our own DNS. Do you know of any routers that might be smart enough to be injecting a local IP? DD-WRT perhaps?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.11) Gecko/20101012 Firefox/3.6.11