Bug report: NoScript 1.9.9.63 XSS error with Google Maps
Posted: Sat Apr 17, 2010 10:56 pm
Windows 7 x64
Firefox 3.6.3
NoScript 1.9.9.63
Alright, I've been submitting error reports to Google Maps when they have something wrong. And once they correct them, they send me a message back with a link to the area that I reported that was wrong. Now, most of the time, the link in that e-mail saying it's been fixed works fine. However, sometimes NoScript doesn't like those links and pops up a "XSS" error message and breaks the page.
Here's the error:
Firefox 3.6.3
NoScript 1.9.9.63
Alright, I've been submitting error reports to Google Maps when they have something wrong. And once they correct them, they send me a message back with a link to the area that I reported that was wrong. Now, most of the time, the link in that e-mail saying it's been fixed works fine. However, sometimes NoScript doesn't like those links and pops up a "XSS" error message and breaks the page.
Here's the error:
It seems it doesn't like the "." at the end of the report's original URL (Please nobody attempt to update that report, I've already submitted info about the missing exit numbers in a separate report and they already said I was right, so that should be fixed soon) when clicking on the link inside of my e-mail (GMail account). Because when I right click and copy the URL and then paste it into a New Tab in FF, it works just fine with no XSS message.Code: Select all
[NoScript XSS] Sanitized suspicious request. Original URL [http://maps.google.com/?ie=UTF8&ll=40.430991%2C-80.026335&spn=0.001505%2C0.003484&z=19&skstate=action:update$fid:4545264270379343475$location:40.43096%2C-80.02586$issue_class:rmi.street$description:This%20%22ramp%22%20is%20really%20still%20part%20of%20I-376%20at%20this%20point.%20%20At%20the%20point%20of%20this%20report%20is%20where%20it%20truly%20leaves%20I-376%20as%20exit%20%2369C.%20%20The%20location%20of%20the%20ramp%20leaving%20can%20be%20verified%20via%20the%20Satellite%20view.%20%20The%20other%20ramp%20to%20Saw%20Mill%20Run%20Blvd%20from%20I-376%20EB%20is%20Exit%20%2369B.] requested from [moz-nullprincipal:{be0d8ae0-53a4-43d2-bfb0-323c52a5047a}]. Sanitized URL: [http://maps.google.com/?ie=UTF8&ll=40.430991%2C-80.026335&spn=0.001505%2C0.003484&z=19&skstate=action%20update%24fid%3A4545264270379343475%24location%3A40.43096%20-80.02586%24issue_class%3Armi.street%24description%3AThis%20%22ramp%22%20is%20really%20still%20part%20of%20I-376%20at%20this%20point.%20%20At%20the%20point%20of%20this%20report%20is%20where%20it%20truly%20leaves%20I-376%20as%20exit%20%2069C.%20%20The%20location%20of%20the%20ramp%20leaving%20can%20be%20verified%20via%20the%20Satellite%20view.%20%20The%20other%20ramp%20to%20Saw%20Mill%20Run%20Blvd%20from%20I-376%20EB%20is%20Exit%20%2069B.#00897302285093137826].
