Regarding the stickies...

Discussion about the board itself, forums organization and site bugs.
Post Reply
barbaz
Senior Member
Posts: 10834
Joined: Sat Aug 03, 2013 5:45 pm

Regarding the stickies...

Post by barbaz »

I've been constantly referring people who need XSS exceptions help to http://forums.informaction.com/viewtopi ... =7&t=17774. I don't know of any better documentation than that for how to make XSS exceptions. Could someone please replace the obsolete stickies in NoScript Support forum with that topic?
*Always* check the changelogs BEFORE updating that important software!
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:26.0) Gecko/20100101 Firefox/26.0 SeaMonkey/2.23
User avatar
Thrawn
Master Bug Buster
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: Regarding the stickies...

Post by Thrawn »

Well, the first port of call for XSS problems is not to write an exception, but to post the details here, because in many cases Giorgio can improve the filter to work around the problem.

But which sticky were you thinking to update? If you want a new one, only Giorgio can do that.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0
barbaz
Senior Member
Posts: 10834
Joined: Sat Aug 03, 2013 5:45 pm

Re: Regarding the stickies...

Post by barbaz »

I was thinking boot the one about icons gone after upgrading to Fx 4 and instead sticky the mentioned topic. Are you saying that more XSS false positives are bugs in the filter than bad site design?
*Always* check the changelogs BEFORE updating that important software!
Mozilla/5.0 (X11; Linux i686; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26a1
User avatar
Thrawn
Master Bug Buster
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: Regarding the stickies...

Post by Thrawn »

barbaz wrote:I was thinking boot the one about icons gone after upgrading to Fx 4 and instead sticky the mentioned topic.
Possibly. Up to Giorgio.

Or perhaps the syntax could be mentioned on noscript.net.
Are you saying that more XSS false positives are bugs in the filter than bad site design?
:D It's a fine line! I wouldn't call them 'bugs', but Giorgio does often add workarounds for bad site design.

There are a few cases where sites actually send requests that are indistinguishable from XSS, and there's nothing to be done. But often Giorgio can do something.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0
Post Reply