XSS on YouTube

Ask for help about NoScript, no registration needed to post
User avatar
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia

Re: XSS on YouTube

Post by Thrawn » Tue Sep 24, 2013 10:19 pm

barbaz wrote:@redwolfe_98:
redwolfe_98 wrote:after reading the other posts, where people said that they were concerned about allowing XSS, i am leary of using the new built

I think you can turn the exception off by going to about:config and setting noscript.filterXExceptions.yt_comments to false, see http://forums.informaction.com/viewtopic.php?p=48111#p48111

Also, Giorgio has already explained that he protected it from actual XSS, by filtering it to ensure that the exception only applies to requests coming from YouTube.
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0

Post Reply