When casually browsing websites and trying to open new pages, Noscript suddenly gives a notification of blocked redirect request to the webpage. The weird thing I've noticed is that Noscript's ABE tool only seemingly blocks webpages that use HTTP connection instead of HTTPS, hence sites like Gmail and Youtube work while sites like tvtropes.org or finnish websites like iltasanomat.fi don't. This has happened only once a day so far, and the solutions have been able to fix it by either me visiting some HTTP webpages with Chrome ( without closing Firefox), restarting Firefox and once it has only lasted only a short moment letting me back to browsing pages without doing anything. Here's a screenshot (in finnish, since I live in finland) what Noscript gives during the issue where I tried to acces finnish newspaper website from new Firefox tab.
http://i.imgur.com/qG3SayF.png The IP adress that's brushed over belongs to internet router my household uses, and it's identical in every message. After this issue occurs, the Ip adress seems to be incerted in Noscript's list of recently blocked elements...
I've posted about this in reddit and one user had this to say:
I've already searched my PC for possible infection(s) with help from profeccionals from Avast forum and nothing was found. I've also written about this issue to finnish IT forum who noted the reason possibly being somehow in my internet connection. I figured it would probably be for the best to come here to request help finding if the issue would be somehow be about my computer, browser, internet connection, or possibly a hickup of Noscript addon. However, tomorrow I'll be going on a trip and won't be able to get on my computer until sunday, so I'd like to ask for quick help.I'm no expert with NoScript, but I strongly believe that "<LOCAL> Deny" means that a script hosted on your own computer, or a redirect to a website hosted on your own computer was blocked.
This could potentially be caused by malware/adware on your computer trying to inject javascript or redirects into the website.
That could be used for example for a cross-site scripting attack, trying to steal your login session or login data, or for browser hijacking.
In this case I'd recommend cleaning up your system.
This could also be caused by other things like unusual programming practices, like a browser addon + local server program hybrid, or an edited host file.
The fact that only HTTP connections and no HTTPS connections are affected makes this seem like a someone is manipulating your internet traffic on the fly (likely your internet service provider), because that would be very hard/impossible for encrypted (HTTPS) traffic.
But doing that to inject scripts/redirects to your local computer would be weird.
Thanks in advance!
