NoScript XSS Blocks from TypeError in longurlplease.js?
Posted: Wed Mar 15, 2017 11:35 am
For the last few months I have observed a significant increase in the number of pages which NoScript blocks as potential XSS attempts. The common factor I have found in the console reports are error messages like the following:
TypeError: longurlplease.shortUrlRegexp is null
purporting to come from longurlplease.js
TypeError: longurlplease.shortUrlRegexp is null
purporting to come from longurlplease.js
- Is this in fact the cause of the XSS block?
If so:- Why is it dangerous?
Is there some way to stop this error from triggering an XSS block, short of whitelisting all of the pages on which it appears?
- Why is it dangerous?