InformAction Forums

Using the search functionality built into Firefox 57 (either via the unified address bar or via the separate search box) searches are being picked up as a XSS attack (see screenshot). The only thing that has changed from not having this behavior to having it, is updating NoScript to 10.1.5. This seems to only happen with Google, so far. I cannot recreate it if I use one of my other search engines (such as DuckDuckGo). I initially thought this was only happening with Google but I was able to recreate it with Wikipedia as well.

https://imgur.com/a/D9xzu

I'm getting this on every page I open just starting tonight. I had to disable noscript because every link I click causes this popup.

Is this problem still there in NoScript 10.1.5.1?

On 10.1.5 and firefox reports no update found when I manually update.

Gray wrote:On 10.1.5 and firefox reports no update found when I manually update.

I just updated to 10.1.5.1 via Firefox so it is now all in place. Update to the new .1 and see if that eliminates your problem

Release notes:

v 10.1.5.1
=============================================================
x Fixed regression from new "fail fast" XSS filter main loop,
causing cross-site requests to Google to trigger false
positives (thanks Steve M for reporting)

barbaz wrote:Is this problem still there in NoScript 10.1.5.1?

No, 10.1.5.1 seems to have addressed the issue. Cool.

Great, thanks for reporting back.

Not resolved for me. I've tried updating, I've relaunched firefox, reboot my computer, I still get xss attack every time.