Confirmed.anonymous_user wrote:I have tested this by creating a new profile and installing only noscript in that profile and can confirm that it breaks the login. Disabling the noscript plugin in my normal profile also allows the website to work.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
NoScript 2.0.9.2rc1 with default preferences except trademe.co.nz is temporarily Allowed.
Error Console message is:
Code: Select all
[NoScript XSS] xss.reason.ReferenceError: whole is not defined --- ("//Members/SecureLogin.aspx?session={AF571C99-C248-4170-9B5E-CD07C5051B9B}")@chrome://noscript/content/RequestWatchdog.js:1151
InjectionChecker_checkJSBreak("///Members/SecureLogin.aspx?session={AF571C99-C248-4170-9B5E-CD07C5051B9B}")@chrome://noscript/content/RequestWatchdog.js:1288
("///Members/SecureLogin.aspx?session={AF571C99-C248-4170-9B5E-CD07C5051B9B}")@chrome://noscript/content/RequestWatchdog.js:1507
("///Members/SecureLogin.aspx?session={AF571C99-C248-4170-9B5E-CD07C5051B9B}",3)@chrome://noscript/content/RequestWatchdog.js:1717
("///Members/SecureLogin.aspx?session={AF571C99-C248-4170-9B5E-CD07C5051B9B}")@chrome://noscript/content/RequestWatchdog.js:1711
("///Members/SecureLogin.aspx?session={AF571C99-C248-4170-9B5E-CD07C5051B9B}")@chrome://noscript/content/RequestWatchdog.js:1682
([object Object])@chrome://noscript/content/RequestWatchdog.js:663
()@chrome://noscript/content/RequestWatchdog.js:77
((function () {return this.filterXSS(abeReq);}),[object Object])@chrome://noscript/content/RequestWatchdog.js:2323
([object XPCWrappedNative_NoHelper],"http-on-modify-request",null)@chrome://noscript/content/RequestWatchdog.js:78
The login seems to work if I toggle the about:config pref noscript.injectionCheck to 0 (zero).
http://noscript.net/features#xss
