XSS false positive: The Simple Dollar and Feedburner

Ask for help about NoScript, no registration needed to post
Post Reply
User avatar
Thrawn
Master Bug Buster
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:
Contact Thrawn

XSS false positive: The Simple Dollar and Feedburner

Post by Thrawn »

Subscribing to email updates from The Simple Dollar blog lands at feedburner.google.com with an XSS warning:

Code: Select all

[NoScript XSS] Sanitized suspicious upload to [http://feedburner.google.com/fb/a/emailverify] from [http://www.thesimpledollar.com/]: transformed into a download-only GET request.
Unsafe Reload is needed for the subscription to work (otherwise you get a spurious error claiming that email subscriptions are not enabled for the feed).

Is that just because I haven't whitelisted The Simple Dollar? If so, then it's not really an XSS error...
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0
Top
Post Reply

Return to “NoScript Support”