InformAction Forums

Although it is possible to always allow an individual site originating an XSS request to do do, is there a way to always allow a particular XSS target>

For example, I use CleanPrint - and you should too, it saves time, clutter, and paper - however as it is invoked from ANY page that you wish to print it must be individually allowed by NS on each of these pages.

True, 'allow unsafe reload' works, but it would be more elegant if the target http://cpf.cleanprint.net/cpf/cpf could simply always be allowed, no matter where it is invoked from.

Is there no way of doing this?

Thanks.

I suppose you just need to add to your NoScript Options|Advanced|XSS exceptions box.

Thank you,

But I did try that without success - which is why I concluded that the originating page is the one which has to be whitelisted, not the target.

Here is my exception list, as you can see, except for cleanprint it is default

^https?://([a-z]+)\.google\.(?:[a-z]{1,3}\.)?[a-z]+/(?:search|custom|\1)\?
^https?://([a-z]*)\.?search\.yahoo\.com/search(?:\?|/\1\b)
^https?://[a-z]+\.wikipedia\.org/wiki/[^"<>\?%]+$
^https?://translate\.google\.com/translate_t[^"'<>\?%]+$
^https://secure\.wikimedia\.org/wikipedia/[a-z]+/wiki/[^"<>\?%]+$
^http://cpf\.cleanprint\.net/cpf/cpf

Could you please show me the exact [NoScript XSS] messages you get in your Tools>Error Console (CTRL+J) when the problem happens?