InformAction Forums

For the last few months I have observed a significant increase in the number of pages which NoScript blocks as potential XSS attempts. The common factor I have found in the console reports are error messages like the following:
TypeError: longurlplease.shortUrlRegexp is null
purporting to come from longurlplease.js

• Is this in fact the cause of the XSS block?
  If so:
  • Why is it dangerous?
    Is there some way to stop this error from triggering an XSS block, short of whitelisting all of the pages on which it appears?
  If not, can you give me some guidance on identifying the cause of blockage?

Please check the Browser Console (Ctrl-Shift-J) when this issue happens and post here any messages related to NoScript.
(related messages usually start with either "[NoScript" or "[ABE]"; if you don't know what's related, turn off CSS warnings and post everything else you see)

It's hard to say without seeing detailed error messages, but I guess it's possible that if a site is passing regexen around, they might trip the XSS filter?