
potential xss causes firefox to hang ... for about 10sec

Posted: Tue Dec 23, 2014 8:49 pm
by gvp
ns 2.6.9.9
allow scripts globally
firefox 34

problem: potential xss causes firefox to hang ... for about 10sec

any cure for this very annoying behavior?

example page:
http://www.real.gr/DefaultArthro.aspx?p ... 55&catID=1

Re: potential xss causes firefox to hang ... for about 10sec

Posted: Tue Dec 23, 2014 9:35 pm
by barbaz

Code:

[NoScript InjectionChecker] JavaScript Injection in ///static/r07/sh183.html#iit=1419370192234&tmr=load=1419370181505&core=1419370185694&main=1419370192110&ifr=1419370192237&cb=0&cdn=0&kw=Î?Î?Î?Î?Î?Î?,ΧÎ?ΤÎ?Î?ΝÎ?Î?Î?Î?Î?Î?Î¥,Î?Î?ΣÎ?Î?Σ,Î?Î?Î?Î?ΝÎ?Î?Î?Î?,Î?Î Î?ΣΤÎ?Î?Î?,ΤÎ?ΧΝÎ?Î?Î?Î?Î?Î?,ΨΥΧÎ?Î?ΩÎ?Î?Î?,ΤÎ?ΥΡÎ?ΣÎ?Î?Σ,Î?Î?Î?Î?ΤÎ?ΣÎ?Î?Σ,Î?ΥΤÎ?Î?Î?ΝÎ?ΤÎ?,Î?Î?Î?Î?ΣΣÎ?,Î¥Î?Î?Î?Î?,Î Î?Î?Î?Î?,Î?ΥΝÎ?Î?Î?Î?,Î Î?ΡÎ?Î?Î?Î?Î?Î?,REALPRESS,REALFM,ESCAPE,TASTE&ab=-&dh=www.real.gr&dr=&du=http://www.real.gr/DefaultArthro.aspx?page=arthro&id=378755&catID=1&dt=Real.gr - ΠολιÏ?ική - Î?ενιζέλοÏ?: Î?Ï?ξήθηκαν οι Ï?ιθανÏ?Ï?ηÏ?εÏ? να γίνει Ï?ο Ï?Ï?Ï?Ï?Ï?&dbg=0&cap=tc=0&ab=0&inst=1&jsl=1&prod=undefined&lng=en-US&ogt=image&pc=men&pub=xa-4c6bdc0e6ec9da5e&ssl=0&sid=5499dec9525564de&srpl=1&srcs=1&srd=1&srf=1&srx=1&ver=300&xck=0&xtr=0&og=image=http%3A%2F%2Fwww.real.gr%3A80%2FFiles%2FArticles%2FPhoto%2F550_334_365683.jpg&aa=0&csi=undefined&toLoJson=uvs=5499dec9e9ccf223000&chr=UTF-8&md=0&vcl=0&rev=12.6&ct=1&xld=1&xd=1

[NoScript XSS] Sanitized suspicious request. Original URL [http://s7.addthis.com/static/r07/sh183.html#iit=1419370192234&tmr=load%3D1419370181505%26core%3D1419370185694%26main%3D1419370192110%26ifr%3D1419370192237&cb=0&cdn=0&kw=%CE%95%CE%9B%CE%9B%CE%91%CE%94%CE%91%2C%CE%A7%CE%91%CE%A4%CE%96%CE%97%CE%9D%CE%99%CE%9A%CE%9F%CE%9B%CE%91%CE%9F%CE%A5%2C%CE%9A%CE%9F%CE%A3%CE%9C%CE%9F%CE%A3%2C%CE%9F%CE%99%CE%9A%CE%9F%CE%9D%CE%9F%CE%9C%CE%99%CE%91%2C%CE%95%CE%A0%CE%99%CE%A3%CE%A4%CE%97%CE%9C%CE%97%2C%CE%A4%CE%95%CE%A7%CE%9D%CE%9F%CE%9B%CE%9F%CE%93%CE%99%CE%91%2C%CE%A8%CE%A5%CE%A7%CE%91%CE%93%CE%A9%CE%93%CE%99%CE%91%2C%CE%A4%CE%9F%CE%A5%CE%A1%CE%99%CE%A3%CE%9C%CE%9F%CE%A3%2C%CE%91%CE%98%CE%9B%CE%97%CE%A4%CE%99%CE%A3%CE%9C%CE%9F%CE%A3%2C%CE%91%CE%A5%CE%A4%CE%9F%CE%9A%CE%99%CE%9D%CE%97%CE%A4%CE%9F%2C%CE%98%CE%91%CE%9B%CE%91%CE%A3%CE%A3%CE%91%2C%CE%A5%CE%93%CE%95%CE%99%CE%91%2C%CE%A0%CE%91%CE%99%CE%94%CE%99%2C%CE%93%CE%A5%CE%9D%CE%91%CE%99%CE%9A%CE%91%2C%CE%A0%CE%95%CE%A1%CE%99%CE%9F%CE%94%CE%99%CE%9A%CE%91%2CREALPRESS%2CREALFM%2CESCAPE%2CTASTE&ab=-&dh=www.real.gr&dr=&du=http%3A%2F%2Fwww.real.gr%2FDefaultArthro.aspx%3Fpage%3Darthro%26id%3D378755%26catID%3D1&dt=Real.gr%20-%20%CE%A0%CE%BF%CE%BB%CE%B9%CF%84%CE%B9%CE%BA%CE%AE%20-%20%CE%92%CE%B5%CE%BD%CE%B9%CE%B6%CE%AD%CE%BB%CE%BF%CF%82%3A%20%CE%91%CF%85%CE%BE%CE%AE%CE%B8%CE%B7%CE%BA%CE%B1%CE%BD%20%CE%BF%CE%B9%20%CF%80%CE%B9%CE%B8%CE%B1%CE%BD%CF%8C%CF%84%CE%B7%CF%84%CE%B5%CF%82%20%CE%BD%CE%B1%20%CE%B3%CE%AF%CE%BD%CE%B5%CE%B9%20%CF%84%CE%BF%20%CF%83%CF%89%CF%83%CF%84%CF%8C&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=1&prod=undefined&lng=en-US&ogt=image&pc=men&pub=xa-4c6bdc0e6ec9da5e&ssl=0&sid=5499dec9525564de&srpl=1&srcs=1&srd=1&srf=1&srx=1&ver=300&xck=0&xtr=0&og=image%3Dhttp%253A%252F%252Fwww.real.gr%253A80%252FFiles%252FArticles%252FPhoto%252F550_334_365683.jpg&aa=0&csi=undefined&toLoJson=uvs%3D5499dec9e9ccf223000%26chr%3DUTF-8%26md%3D0%26vcl%3D0&rev=12.6&ct=1&xld=1&xd=1] requested from 
[http://www.real.gr/DefaultArthro.aspx?page=arthro&id=378755&catID=1]. Sanitized URL: [http://s7.addthis.com/#653276701450786593].

I'd say NoScript is saving you there, and you should mark addthis.com as Untrusted (that seems to prevent both the hang and the XSS filter trigger).
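
Added example, not part of the original thread: a small parser for the "[NoScript XSS]" console entry quoted above that pulls out the third-party host, the page that requested it, and the fragment parameters whose decoded value carries further key=value pairs or a URL. The function name, the `SAMPLE` text (a shortened copy of the entry above) and the "nested parameter" triage rule are assumptions of this example, not NoScript's InjectionChecker logic.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Shape of the "[NoScript XSS]" console entry: three bracketed URLs.
ENTRY_RE = re.compile(
    r"\[NoScript XSS\] Sanitized suspicious request\. "
    r"Original URL \[(?P<original>.+?)\] requested from\s+"
    r"\[(?P<referrer>.+?)\]\. Sanitized URL: \[(?P<sanitized>.+?)\]\.",
    re.S,  # the console wraps the entry, so let "." cross line breaks
)

# Constructed sample: the entry from the post above with most parameters removed.
SAMPLE = (
    "[NoScript XSS] Sanitized suspicious request. Original URL "
    "[http://s7.addthis.com/static/r07/sh183.html#iit=1419370192234"
    "&tmr=load%3D1419370181505%26core%3D1419370185694&cb=0&dh=www.real.gr"
    "&du=http%3A%2F%2Fwww.real.gr%2FDefaultArthro.aspx%3Fpage%3Darthro&ssl=0]"
    " requested from \n"
    "[http://www.real.gr/DefaultArthro.aspx?page=arthro&id=378755&catID=1]. "
    "Sanitized URL: [http://s7.addthis.com/#653276701450786593]."
)


def sanitized_requests(log_text):
    """Return one dict per '[NoScript XSS] Sanitized suspicious request' entry."""
    results = []
    for m in ENTRY_RE.finditer(log_text):
        original = urlsplit(m["original"])
        referrer = urlsplit(m["referrer"])
        # The data rides in the fragment; parse it like a query string.
        # parse_qsl splits on "&" first, then percent-decodes each value once.
        params = parse_qsl(original.fragment, keep_blank_values=True)
        # Triage rule (assumption): values that decode to more key=value
        # pairs or to a full URL are the ones to read first.
        nested = sorted({k for k, v in params if "=" in v or "://" in v})
        results.append({
            "third_party": original.hostname,   # host to consider marking Untrusted
            "page": referrer.hostname,          # page that issued the request
            "cross_site": original.hostname != referrer.hostname,
            "fragment_length": len(original.fragment),
            "nested_params": nested,
            "sanitized": m["sanitized"],
        })
    return results


if __name__ == "__main__":
    for entry in sanitized_requests(SAMPLE):
        print(entry)
```
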

Re: potential xss causes firefox to hang ... for about 10sec

Posted: Tue Dec 23, 2014 10:01 pm
by gvp
What procedure must I follow in order to mark addthis.com as Untrusted?

select Forbid scripts globally
select mark addthis.com as Untrusted
select Allow scripts globally
???

ps
When I forbid scripts globally nothing in this site works ... no video, no links ... nothing

Re: potential xss causes firefox to hang ... for about 10sec

Posted: Tue Dec 23, 2014 10:08 pm
by barbaz
gvp wrote: select mark addthis.com as Untrusted
Only this

gvp wrote: ps
When I forbid scripts globally nothing in this site works ... no video, no links ... nothing
If allowing scripts globally is the *only* way to get it working, and you can't make it work the same by clicking 'Temporarily allow all this page' repeatedly ([auto] reloading each time) until there's nothing left to allow, you found a NoScript bug.