JavaScript Injection in ///en-US/docs/Mozilla/About_omni.ja

johnscript
Junior Member
Posts: 49
Joined: Wed Feb 20, 2013 1:49 pm

JavaScript Injection in ///en-US/docs/Mozilla/About_omni.ja

Post by johnscript »

I've seen this message about a possible XSS attempt in the browser console a few days ago:

Host: encrypted.google.com
Url: https://encrypted.google.com/search?output=search&sclient=psy-ab&q=omni.jar&btnG=
[NoScript InjectionChecker] JavaScript Injection in ///en-US/docs/Mozilla/About_omni.ja_(formerly_omni.jar)
(function anonymous() {
en-US/docs/Mozilla/About_omni.ja_(formerly_omni.jar) /* COMMENT_TERMINATOR */
DUMMY_EXPR
})
[NoScript XSS] Sanitized suspicious request. Original URL [https://developer.mozilla.org/en-US/docs/Mozilla/About_omni.ja_(formerly_omni.jar)] requested from [https://encrypted.google.com/search?output=search&sclient=psy-ab&q=omni.jar&btnG=]. Sanitized URL: [https://developer.mozilla.org/en-US/docs/Mozilla/About_omni.ja_%20formerly_omni.jar%20#7791350692740373627].
TypeError: self.urlTooltipLabel is undefined urlbar.xml:379:15
COOKIE BLOCKED
Host: developer.mozilla.org
Url: https://developer.mozilla.org/en-US/docs/Mozilla/About_omni.ja_%20formerly_omni.jar%20#7791350692740373627

I didn't notice anything unusual when NoScript threw this warning: I was actually looking for some Mozilla wiki page on Google; after clicking on the link I was interested in, I saw the warning at the top of the browser window, and then in the error console the above message.

Is that something to worry about?
Mozilla/5.0 (X11; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0
Thrawn
Master Bug Buster
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia

Re: JavaScript Injection in ///en-US/docs/Mozilla/About_omni

Post by Thrawn »

No, it's harmless enough. NoScript didn't like the brackets in the URL, which resemble a JavaScript function call.

Have you whitelisted mozilla.org? That makes a difference to the strictness of the injection checker.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:42.0) Gecko/20100101 Firefox/42.0
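
Why the brackets matter, as an added example (not part of the thread and not NoScript's code): with its leading slashes stripped, the path from the log is syntactically valid JavaScript, and the bracketed part reads as a function call. The functions `parsesAsScript`, `hasCallShape`, `checkUrl` and `neutralize` are hypothetical, and the two-part rule is an assumed simplification of what an injection checker does.

```javascript
// Simplified stand-in for the kind of check the console log points to.
// NOT NoScript's InjectionChecker: function names and rules are assumptions.

// True if `text` compiles as a function body. new Function() only parses
// and compiles; the resulting function is never called.
function parsesAsScript(text) {
  try {
    new Function(text + " /* COMMENT_TERMINATOR */\nDUMMY_EXPR");
    return true;
  } catch (e) {
    if (e instanceof SyntaxError) return false;
    throw e;
  }
}

// True if the text contains something shaped like a call: name(...)
function hasCallShape(text) {
  return /[A-Za-z_$][\w$.]*\s*\([^)]*\)/.test(text);
}

// Decode the URL path, drop leading slashes, and flag it only when it is
// both valid JavaScript syntax and contains a call-shaped token.
function checkUrl(url) {
  const path = decodeURIComponent(new URL(url).pathname).replace(/^\/+/, "");
  const syntax = parsesAsScript(path);
  const call = hasCallShape(path);
  return { path, syntax, call, flagged: syntax && call };
}

// Replace brackets with spaces, the substitution visible in the log's
// "Sanitized URL" (where "(" and ")" became %20).
function neutralize(url) {
  const u = new URL(url);
  u.pathname = u.pathname.replace(/[()]/g, " ");
  return u.href;
}

// URL taken from the log above.
const MDN = "https://developer.mozilla.org/en-US/docs/Mozilla/About_omni.ja_(formerly_omni.jar)";
// Constructed sample: an ordinary path without brackets.
const PLAIN = "https://developer.mozilla.org/en-US/docs/Web/JavaScript";

for (const url of [MDN, neutralize(MDN), PLAIN]) {
  const r = checkUrl(url);
  console.log(r.flagged ? "FLAGGED" : "ok     ", JSON.stringify(r.path));
}
```

The plain path also compiles (it reads as subtraction and division), so syntax alone cannot separate the two; in this sketch the call shape is what tips the MDN link over. Once the brackets become spaces, the path no longer parses at all.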
barbaz
Senior Member
Posts: 11142
Joined: Sat Aug 03, 2013 5:45 pm

Re: JavaScript Injection in ///en-US/docs/Mozilla/About_omni

Post by barbaz »

I can confirm this behavior and I have mozilla.org whitelisted. (I just pasted the URL in my address bar.)

I am certain it's a false positive. Is it possible to adjust to fix this in NoScript, or is an XSS exception necessary?
*Always* check the changelogs BEFORE updating that important software!
johnscript
Junior Member
Posts: 49
Joined: Wed Feb 20, 2013 1:49 pm

Re: JavaScript Injection in ///en-US/docs/Mozilla/About_omni

Post by johnscript »

Thrawn wrote:No, it's harmless enough. NoScript didn't like the brackets in the URL, which resemble a JavaScript function call.

Have you whitelisted mozilla.org? That makes a difference to the strictness of the injection checker.

Thanks for your reply. No, I hadn't whitelisted mozilla.org, I mean not permanently: it was temporarily allowed.