regular expression for bit.ly?

[Markus837]

Dear NoScript users,

I have recently started using the bit.ly sidebar and every time I post something through it I have to confirm the anti-xss protection for it. I have had a look at the regular expression described here but can't seem to find the right code for the bit.ly sidebar. Can anyone help please? I would like to use the bit.ly sidebar without having to confirm the anti-xss dialogue. Thanks.

[Giorgio Maone]

Can I see the exact [NoScript XSS] messages you get in Tools>Error Console?

[Markus837]

Hello Giorgio,

there are two, not sure if they are identical. This is the log from this page here when I click the bit-ly sidebar.

[NoScript ClearClick] Swallowed event mousedown on TEXTAREA/1 at http://bit.ly/a/sidebar?u=http%3A%2F%2F ... 0bit.ly%3F

and

[NoScript ClearClick] Swallowed event mouseup on TEXTAREA/1 at http://bit.ly/a/sidebar?u=http%3A%2F%2F ... 0bit.ly%3F

[Giorgio Maone]

Unfortunately they're not XSS-related.
If you actually can see the yellow XSS warning, you should find [NoScript XSS] lines as well...

[Markus837]

So how can I get rid of the warning message every time I want to post a tweet?

[Markus837]

Or how can I tell NoScript to stop swallowing the mouse-down and up events please? I don't want to turn of XXS protection but would like to use the bit-ly sidebar for posting and editing tweet from various sites. Thanks.

[Giorgio Maone]

So how can I get rid of the warning message every time I want to post a tweet?

Did you actually show us this warning message so far?

[Markus837]

[REDACTED IMAGE]

I am sure you understand now what I mean. In the error console log I do get the same messages that I have posted above.

Code: Select all

[NoScript ClearClick] Swallowed event mousedown on TEXTAREA/1 at http://bit.ly/a/sidebar?u=http%3A%2F%2Fforums.informaction.com%2Fposting.php%3Fmode%3Dreply%26f%3D7%26t%3D6422&s=&s=InformAction%20Forums%20%E2%80%A2%20Post%20a%20reply

and

Code: Select all

[NoScript ClearClick] Swallowed event mouseup on TEXTAREA/1 at http://bit.ly/a/sidebar?u=http%3A%2F%2Fforums.informaction.com%2Fposting.php%3Fmode%3Dreply%26f%3D7%26t%3D6422&s=&s=InformAction%20Forums%20%E2%80%A2%20Post%20a%20reply

These two messages are from the post reply page here on the forum when I click on the bit.ly sidebar.

Thanks for any help.

[Markus837]

Additionally you can click "view image" in the above post to see the whole image with the bit.ly sidebar. Again, thanks for any help on this.

[Giorgio Maone]

OK, that's not a XSS warning but a ClearClick (Clickjacking) one.
Please use the "Report" button and tell me the report ID you get assigned.

[Guest]

Ah darn, I forgot the edit out my bit.ly ID in the screenshot inside the noscript warning message, can you please remove the screen shot, asap, thanks. Here is a new screenshot without my bit.ly id in it. Silly me!!



Again, thanks for any help on this. Much appreciated as otherwise NoScript does protect me very very well.

[Markus837]

The Report ID is 1680487

Thanks.

[Giorgio Maone]

Could you check latest development build?

[Markus837]

Thanks, just tested it and unfortunately it is still giving me the Potential Clickjacking / UI Redressing Attempt warning.
Does it matter perhaps that I use the MVPS HOSTS file? Perhaps I have to change some settings in NoScript?

Thanks for your support. I am really grateful.

[Giorgio Maone]

Thanks, just tested it and unfortunately it is still giving me the Potential Clickjacking / UI Redressing Attempt warning.

That's very strange.
Could you please give me another report ID and tell me what your noscript.clearclick.subexceptions [url=http://kb..org/About:config]about:config[/url] preference looks like?