Anomolies in the latest version
Posted: Wed Sep 03, 2014 12:56 am
With NoScript-2.6.8.40 in Firefox-31 on 64-bit Linux Gentoo-Hardened-3.15.10, running in a VM on QEMU, the newly installed NoScript seems to be giving me warnings I have not seen before, like so:
"NoScript filtered a potential cross-site scripting(XSS) attempt from (chrome:). Technical details have been logged to the console."
Here is what I saw in the Console at that point:
"window.controllers is deprecated. Do not use it for UA detection. https-everywhere.js:335
[NoScript XSS] Sanitized suspicious upload to [https://startpage.com/do/metasearch.pl] from [chrome://browser/content/browser.xul]: transformed into a download-only GET request."
That is about all I know, and I can't say I really understand what all that means. It does seem to be happening regularly now, after upgrading to the latest NoScript earlier today.
"NoScript filtered a potential cross-site scripting(XSS) attempt from (chrome:). Technical details have been logged to the console."
Here is what I saw in the Console at that point:
"window.controllers is deprecated. Do not use it for UA detection. https-everywhere.js:335
[NoScript XSS] Sanitized suspicious upload to [https://startpage.com/do/metasearch.pl] from [chrome://browser/content/browser.xul]: transformed into a download-only GET request."
That is about all I know, and I can't say I really understand what all that means. It does seem to be happening regularly now, after upgrading to the latest NoScript earlier today.