InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

ATTN GIORGIO: ABE: 'Logout' action doesn't work

https://forums.informaction.com/viewtopic.php?t=1825

Page 1 of 1

ATTN GIORGIO: ABE: 'Logout' action doesn't work

Posted: Wed Jul 01, 2009 6:35 pm
by Guest
Hello,

basically, this is a rule I'm using:

Code: Select all

Site example.org
Accept from SELF
Logout GET
Deny
The idea behind this rule is that the site may make requests to itself, cross-site GET requests are stripped of credentials and every other CS request is blocked.

The problem: Each time the Logout action would apply, the request is stopped and no notification is displayed. In the console (Messages), I found this:

Code: Select all

[NoScript XSS] xss.reason.[Exception... "Component returned failure code: 0x804b000f (NS_ERROR_IN_PROGRESS) [nsIHttpChannel.setRequestHeader]"  nsresult: "0x804b000f (NS_ERROR_IN_PROGRESS)"  location: "JS frame :: chrome://noscript/content/ABE.js :: anonymous :: line 490"  data: no] --- undefined
Am I doing something wrong here? :|

Re: ATTN GIORGIO: ABE: 'Logout' action doesn't work

Posted: Thu Jul 02, 2009 8:46 am
by Tom T.
Bumped and flagged this for Giorgio's attention. Thanks for your patience.

Re: ATTN GIORGIO: ABE: 'Logout' action doesn't work

Posted: Thu Jul 02, 2009 9:21 am
by Giorgio Maone
Looks like a bug due to the request being processed too late for modifying headers if its DNS entry is not cached yet.
Thanks for reporting, it will be fixed in next release.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited