how to stop the XSS notifications (and block by default)

Ask for help about NoScript, no registration needed to post
brynn
Posts: 6
Joined: Thu Dec 07, 2017 12:25 pm

Re: how to stop the XSS notifications (and block by default)

Post by brynn »

Thanks FranL. I did see the yellow menu, from time to time. But I'm not sure what I did to have it displayed. But more than that, I don't know what it's for, what the options mean or what they do. And therefore, no idea how to use them.

Well anyway, as I said I've already switched over to SeaMonkey. But hopefully my comments will help developers improve the program. I've been told these changes with Firefox 57 had been expected for some time. So I don't know why NS developers couldn't have NS working out of the gate. But by the time SeaMonkey is ready to use this version, maybe it will be fixed.

Thanks again for everyone's comments :)
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.1
Bill Door
Posts: 1
Joined: Thu May 09, 2019 11:23 am

Re: how to stop the XSS notifications (and block by default)

Post by Bill Door »

Sorry to bring back a really old thread, but it has screenshots which make the point perfectly and I wanted to share a fix - to double-check it's safe to do this.

If anyone else is getting the "annoying pop-up" experience to the XSS notification.

Just this, over and over and over:
Kkat wrote: Fri Dec 08, 2017 4:06 pm Image
(picture borrowed from another thread)
I found the FAQ didn;t work because it doesn't match
Q: Can I turn off Anti-XSS activity notifications?
A: Yes, you can, just toggle the Noscript Options|Notifications|XSS preference.

So the option I've found that seems to work is this:

Click Advanced, and switch off the option “Ask confirmation for cross-site POST requests which could not be scanned”

This seems to stop the popups. But, is it safe? Advice welcome :)
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 Safari/537.36
Post Reply