InformAction Forums

Posted: **Sat Jan 20, 2018 3:59 am**

NoScript 5.1.8.4rc2
Waterfox 56.0.3 (also reproducible in Firefox 56.0.2 new profile, but the user-facing XSS notification doesn't display there)

URL: https://www.worldstarhiphop.com/videos/ ... 92TlQ27a6W

Scripts are blocked and I'm seeing this -

Code: Select all

[NoScript XSS] Sanitized suspicious request. Original URL [https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.worldstarhiphop.com%2Fvideos%2Fvideo.php%3Fv%3DwshhOG51c292TlQ27a6W&layout=button_count&show_faces=false&width=95&action=like&font=verdana&colorscheme=dark&height=20] requested from [https://www.worldstarhiphop.com/videos/video.php?v=wshhOG51c292TlQ27a6W]. Sanitized URL: [https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.worldstarhiphop.com%2Fvideos%2Fvideo.php%3Fv%3DwshhOG51c292TlQ20a6W%23666806849024151223&layout=button_count&show_faces=false&width=95&action=like&font=verdana&colorscheme=dark&height=20#8504582049936382189].

Comparing the URLs in Meld highlights it like this -

(original URL) https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.worldstarhiphop.com%2Fvideos%2Fvideo.php%3Fv%3DwshhOG51c292TlQ27a6W&layout=button_count&show_faces=false&width=95&action=like&font=verdana&colorscheme=dark&height=20

(sanitised URL) https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.worldstarhiphop.com%2Fvideos%2Fvideo.php%3Fv%3DwshhOG51c292TlQ20a6W%23666806849024151223&layout=button_count&show_faces=false&width=95&action=like&font=verdana&colorscheme=dark&height=20#8504582049936382189

Why does it think the number 7 is an XSS attack?

Posted: **Wed Jan 24, 2018 11:44 pm**

What about this one? Only happened once. Blocked first time, next time no XSS popup. 10.1.6.4rc4

Posted: **Thu Jan 25, 2018 2:08 am**

kukla wrote:What about this one? Only happened once. Blocked first time, next time no XSS popup. 10.1.6.4rc4

That warning maybe a NoScript 10 bug. It's not related to the one I'm asking about.

Posted: **Thu Jan 25, 2018 6:47 pm**

@kukla Yours looks like the same issue as https://forums.informaction.com/viewtop ... =7&t=24489, please continue discussion of that warning in that thread.

Posted: **Sun Jan 28, 2018 6:02 pm**

Please check latest development build
v 5.1.6.4rc3
=============================================================
x Fixed XSS false positive on some Facebook embeddings
(thanks barbaz for reporting)
x Fixed edge case origin checks for WebExtensions embedded in
privileged documents

Posted: **Sun Jan 28, 2018 6:08 pm**

Giorgio Maone wrote:Please check latest development build

This XSS warning is gone. Thanks Giorgio

InformAction Forums

Weird XSS message

Weird XSS message

Re: Weird XSS message

Re: Weird XSS message

Re: Weird XSS message

Re: Weird XSS message

Re: Weird XSS message