XSS filter - what's wrong with my URL?

Steven.Colby

XSS filter - what's wrong with my URL?

Post by Steven.Colby »

Hi all - the XSS filter in NoScript 2.1.2.7 (latest) is sanitizing a URL in my development application and I'm not sure why. Here's an example of the console output:

[NoScript XSS] Sanitized suspicious request. Original URL [http://myserver/app/WebSoilSurvey.aspx? ... 566185826)] requested from [chrome://browser/content/browser.xul]. Sanitized URL: [http://myserver/app/WebSoilSurvey.aspx? ... 5450294197].

Note the parentheses have been scrubbed. Anybody have any idea why? It doesn't look like a particularly evil query string to me... And yep, I sure could just whitelist the server/app, but I'm curious to know what about the query string is making XSS unhappy.

Thanks!
Steven Colby
Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2
obiwan

Re: XSS filter - what's wrong with my URL?

Post by obiwan »

Yes, the XSS filter appears to be broken. It flags requests that can't possibly be considered an XSS risk...
Mozilla/5.0 (X11; Linux i686; rv:6.0.2) Gecko/20100101 Firefox/6.0.2
obiwan

Re: XSS filter - what's wrong with my URL?

Post by obiwan »

I did some testing and simplified your example. It flags this query string:

?location=(2)

but not this one:

?location=()

Maybe I don't understand, but how are either of those an XSS risk? And if the first is, why isn't the second?
Mozilla/5.0 (X11; Linux i686; rv:6.0.2) Gecko/20100101 Firefox/6.0.2