InformAction Forums

Hi, when my internet connection goes down, my router redirects the page to a screen saying the internet connection has gone down. Noscript blocks this page I get the following error:

Request {GET http://dsldevice.lan/cgi/b/ic/conect/?n ... S:official <<< http://en-us.start3.mizilla.com/firefox ... S:official, chrome://browser/content/browser.xul, chrome://browser/content/browser.xul} filtered by ABE: <LOCAL> Deny

Can an exception be made so this innocent message gets through. I might add that when I was having internet problems it would have shaved several hours off troubleshooting if I had gotten the message. Or is this identical to some attack that we need to be protected from.

Thanks for the use of this awesome app that makes me feel much safer on the web (even though I surf most of the time with all scrips allowed)

drsassafras wrote:Or is this identical to some attack that we need to be protected from.

Yes it is.

You'd better use a bookmark to reach your router interface.

So you're saying his router is owned?

And instead of attempting to load a mozilla web page (which I assume redirects to google.com), it would attempt to load this (now defunct? & malicious) mizilla.com webpage?

therube wrote:So you're saying his router is owned?

Nope, I'm just saying that working around this kind of inconvenience by excepting his router in ABE would void the protection given by default against cross-zone attacks against his intranet.
Using a bookmark is the best approach.

Then what is this "mizilla.com"?

therube wrote:Then what is this "mizilla.com"?

A typo? However it's irrelevant to the problem at hand, since it happens when connection goes down.

Thanks for the response.

To clarify, the router only tries to redirect to a page saying "internet down" basically with some troubleshooting ideas when the internet is down.

Could noscript detect if the internet is down and allow this action if it is? I presume that there would be little risk of an attack if the internet was in fact down.

Perhaps there should be a warning page like FF does sometimes, This site Could be an ATTACK! only enter at your own risk. Right now even though I know its not an attack, there is no easy way to get into it, unless I figure out how to disable it in that list, but then I still want the protection when it matters.

Just thoughts. I really appreciate the added security.

I have a similar problem when I am travelling. Every hotel I have ever stayed in for a conference uses routers which redirect you to some sort of login or hotel advertising page before you can get on the internet. There is no problem when first opening the browser but if you attempt to reload a page when reauthorization is required (like at the start of each day, or sometimes more frequently than that), ABE fires.

I end up using another browser to do the reauthorization.

Ideally I'd like a button on the ABE info bar that would let me allow the request to complete just the one time. Quite apart from the fact that I do not properly understand ABE or the language used to add exceptions, I have no wish to be adding permanent exceptions for hotels that I am unlikely to ever visit again.

Can you add a button as described?

To clarify, the router only tries to redirect to a page saying "internet down" basically with some troubleshooting ideas when the internet is down.

I can't remember a time when the entire Internet went down.

Your ISP (Internet Service Provider) may have an outage, general or specific to your area, or your modem may be faulty or drop a connection, or your router may drop a connection, or your machine ....

What is meant is that "You cannot connect to the Internet, for some unknown reason." NoScript cannot know why.

Quick test: From a command prompt, run this: (I'm pretty sure ping works in Mac too, correct?)

If it times out all four (or however many default) tries, then you know you have no connectivity.

To test the connection between the machine and your router, especially a wireless connection, ping your router: (or .1.0 or 0.1 or whatever)
If you can't reach the router, take it out of the picture. Plug the machine directly into the modem and try pinging example.com. (They don't mind, if you don't overdo it.)
If no luck, call your ISP.

Now you don't need any "helpful redirect to troubleshooting".

msc wrote:I have a similar problem when I am travelling. Every hotel I have ever stayed in for a conference uses routers which redirect you to some sort of login or hotel advertising page before you can get on the internet. There is no problem when first opening the browser but if you attempt to reload a page when reauthorization is required (like at the start of each day, or sometimes more frequently than that), ABE fires.

That's because what the hotels are doing is identical to an attack scenario. Someone in the middle intercepting your traffic and sending you a different page back? That could just as easily be malicious as not.

Can you add a button as described?

Options-Advanced-ABE-Enable ABE should work, just remember to re-enable it afterward.

msc wrote:Can you add a button as described?

ABE for NSA++ (NoScript for Android) has one.
I'll try to backport it on desktop NoScript.