InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

[RESOLVED] Google search xss attempt

https://forums.informaction.com/viewtopic.php?t=23207

Page 1 of 1

[RESOLVED] Google search xss attempt

Posted: Sun Aug 20, 2017 12:52 pm
by Jackal
Hi,
Last few days whenever I do a google search I get a warning from NoScript "NoScript filtered a potential cross-site scripting (XSS) attempt from [https://www.google.com.au]. Technical details have been logged to the Console"
And the console shows me this "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.google.com/_/og/promos/g. (Reason: CORS header 'Access-Control-Allow-Origin' missing)."

Should I be concerned, is there anything I should do?

Re: Google search xss attempt

Posted: Sun Aug 20, 2017 12:58 pm
by Giorgio Maone
Please check latest development build 5.0.9rc2, thanks.

Re: Google search xss attempt

Posted: Sun Aug 20, 2017 10:14 pm
by Beefy
I was also having this problem. Also an australian user. Thanks heaps this popup was really bugging me...

Re: Google search xss attempt

Posted: Mon Aug 21, 2017 10:50 am
by mary7
Hi, when I try to download the development build Firefox can't do the download it appears

Firef ox Has prevented this site from requiring the installation of additional components

i try to download but when it seems to download it says

Unable to download the add-in due to an error in the connection

Edit

Thanks to another reading of the FAQ page I installed the 5.09rc3 build. The XSS Google problem is solved

Thanks so much ^__^

Re: [RESOLVED] Google search xss attempt

Posted: Sat Aug 26, 2017 8:09 am
by LigH
Confirming, the RC solved this warning for me as well.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited