XSS alert on a Microsoft page - how to stop it please?

ptoye

Post by ptoye »

In Visual Basic, selecting a language element and pressing F1 is meant to get you via the web browser (in my case Firefox) to the Microsoft page defining it. However, NoScript gives an XSS alert, and I have to hit "Unsafe Reload" each time to get to the page I want. I looked at the console, and this seems to be the relevant item:
[NoScript XSS] Sanitised suspicious request. Original URL [http://msdn.microsoft.com/query/dev10.q ... B)&rd=true] requested from [chrome://browser/content/browser.xul]. Sanitised URL: [http://msdn.microsoft.com/query/dev10.q ... 7871667985].
Possibly the sanitization isn't working correctly - it's not easy to tell as I don't know enough about it.

I could probably put something into the NoScript XSS filter, but as I'm not too hot on regular expressions, I don't know what to put into it.

Can some kind soul please help?
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 (.NET CLR 3.5.30729)
dhouwn
Bug Buster
Posts: 968
Joined: Thu Mar 19, 2009 12:51 pm

Re: XSS alert on a Microsoft page - how to stop it please?

Post by dhouwn »

Working as expected: with the round brackets it could be a JS function call.

The following exclusion pattern should do:
^http://msdn\.microsoft\.com/query/dev10\.query\?[^"<>\?]+$
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0) Gecko/20100101 Firefox/7.0
ptoye
Junior Member
Posts: 28
Joined: Fri Sep 02, 2011 3:06 pm

Re: XSS alert on a Microsoft page - how to stop it please?

Post by ptoye »

Thanks, that's put me on the right lines. It didn't work as you typed it, though. I chopped off the bit at the end so it now reads:

^http://msdn\.microsoft\.com/query/dev10\.query\?

and it works fine. I think that yours didn't match the complicated stuff in the middle of the URL.
Peter
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 (.NET CLR 3.5.30729)
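
Added example, not part of any post in this thread: the two exclusion patterns quoted above, evaluated as plain JavaScript regular expressions against constructed URLs. The real query string is elided in the console log, so the sample query strings and the helper name `compareExclusions` are made up for illustration.

```javascript
// The two exclusion patterns from the thread, copied as posted.
const STRICT = /^http:\/\/msdn\.microsoft\.com\/query\/dev10\.query\?[^"<>\?]+$/;
const PREFIX = /^http:\/\/msdn\.microsoft\.com\/query\/dev10\.query\?/;

// Characters the longer pattern forbids anywhere after the first "?".
const FORBIDDEN = /["<>?]/g;

// Report how each pattern treats a URL, and which characters in the
// query string the longer pattern's character class would reject.
function compareExclusions(url) {
  const q = url.indexOf("?");
  const query = q === -1 ? "" : url.slice(q + 1);
  const offending = [...new Set(query.match(FORBIDDEN) || [])];
  return {
    strict: STRICT.test(url),
    prefix: PREFIX.test(url),
    offending,
  };
}

// Constructed sample URLs (hypothetical query strings, not taken from the log).
const SAMPLES = [
  "http://msdn.microsoft.com/query/dev10.query?k=k(EXAMPLE)&rd=true",
  "http://msdn.microsoft.com/query/dev10.query?k=k(\"EXAMPLE\")&rd=true",
  "http://msdn.microsoft.com/query/dev10.query?k=<b>EXAMPLE</b>",
  "http://msdn.microsoft.com/other/page?k=k(EXAMPLE)",
];

for (const url of SAMPLES) {
  console.log(url, JSON.stringify(compareExclusions(url)));
}
```

The shortened pattern matches every URL that starts with that prefix, including those containing quotes or angle brackets that the longer pattern refuses, so it exempts a wider set of requests from the XSS filter.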