how to stop the XSS notifications (and block by default)

[brynn]

Thanks FranL. I did see the yellow menu, from time to time. But I'm not sure what I did to have it displayed. But more than that, I don't know what it's for, what the options mean or what they do. And therefore, no idea how to use them.

Well anyway, as I said I've already switched over to SeaMonkey. But hopefully my comments will help developers improve the program. I've been told these changes with Firefox 57 had been expected for some time. So I don't know why NS developers couldn't have NS working out of the gate. But by the time SeaMonkey is ready to use this version, maybe it will be fixed.

Thanks again for everyone's comments

[Bill Door]

Sorry to bring back a really old thread, but it has screenshots which make the point perfectly and I wanted to share a fix - to double-check it's safe to do this.

If anyone else is getting the "annoying pop-up" experience to the XSS notification.

Just this, over and over and over:

(picture borrowed from another thread)

I found the FAQ didn;t work because it doesn't match
Q: Can I turn off Anti-XSS activity notifications?
A: Yes, you can, just toggle the Noscript Options|Notifications|XSS preference.

So the option I've found that seems to work is this:

Click Advanced, and switch off the option “Ask confirmation for cross-site POST requests which could not be scanned”

This seems to stop the popups. But, is it safe? Advice welcome