InformAction Forums

I live in the UK and National Westminster Bank have a credit card security facility called NatWest Secure.

In brief, when checking out from many online merchants NatWest Secure requires a username and a password to verify it is you using the credit card. This procedure results in a separate screen (not a pop-up) where the required information is input. I have noticed this screen does not appear on some merchants web sites - even with all permissions allowed - making it impossible to complete the transaction.

Is there a way to overcome this?

I have a similar issue.

On submitting information into the Verified by Visa website, I get a *very* brief XSS banner across the top of Firefox, which I do not have time to acknowledge. The transaction *always* fails.

I have had to temporarily disable NoScript to complete the transaction.

Neil

Could you check if the problem persists on 1.9.9.66?
If it does, could you PM me the [NoScript XSS] lines you should get in Tools|Error Console, "Messages" (blue) section when this happens?
Thanks.

The link you provided took me straight to the development section of your site with no problems.

Neil

I have not bought anything else from the same site yet but I shall advise later if the problem persists.

I have version 1.9.9.63 and since this latest update, I also have problems when needing to enter a password for my Visa Verification approval. As soon as I input my password and click ok, an error comes up on the site "PMT_3D_SECURE_FAIL". I dont know if that error means something to you, or only to the site I am using, but basically it says my password entry has failed. I have had to disable NoScript which is a pain. Would love it if you could get this problem solved, thanks!!

Guest wrote:I have version 1.9.9.63 and since this latest update, I also have problems when needing to enter a password for my Visa Verification approval. As soon as I input my password and click ok, an error comes up on the site "PMT_3D_SECURE_FAIL". I dont know if that error means something to you, or only to the site I am using, but basically it says my password entry has failed. I have had to disable NoScript which is a pain. Would love it if you could get this problem solved, thanks!!

My apologies for the above. I didnt notice I did not have the latest update, as NOScript updates itself so assumed I had the latest. Manually updated it, and credit card approval DOES now go through soundly.
Thanks guys for your work.

Guest wrote: I dont know if that error means something to you, or only to the site I am using, but basically it says my password entry has failed.

If this error comes up on the site then it's probably for the site.
Can you please have a look in the Error Console (in the Tools menu, or Ctrl + Shift + J) the next time you see the error and send anything relevant through the forum's messaging system to Giorgio (I guess you need to register at this forum to send PMs)?

I was having the verified by visa problem for a long time, but it wasn't a deal breaker for me but I just tried with something and it went through fine. In fact, the issue I was having with the eBay to PayPal and back XSS issue has resolved too, before it would block it and I had to manually log in to PayPal and then go back to eBay to make it work. Another issue was with merchants who send you to PayPal to authenticate payment and then go back, it was blocking those in the past, off and on, not 100% of time, but so far, 6 attempts and it has not broken once, so it seems whatever was fixed, actually fixed multiple issues which is very nice to see, thanks Giorgio.

I have had the same problem again. I could not check out at cottontraders.co.uk as the page supposedly showing the MasterCard SecureCode verification information was blank.

Did you actually get a XSS message?
If so, what did the [NoScript XSS] lines in Tools|Error Console look like?

I had the similar problem with eBay India. When I made the purchase, it redirected to a couple of sites, and at one point, NoScript said unsafe redirection or some kind of message like that. I was forced to do a refresh after allowing the scripts. But unfortunately, my order was not completed, the credit card was charged - but the seller did not get the payment. I am still waiting to get my money back.

Jayanth wrote: NoScript said unsafe redirection

Are you sure it was NoScript? There's no "unsafe redirection" message from NoScript, as far as I know...

In answer to your question regarding a XSS message; no it was just a blank portion of the screen.

What you are explaining is a complete 180 from NoScript and stinks of content issue or programming issue on the part of whoever is running the website. Most of these sites poorly implement other sites by embedding them inside the IFrame. Now if you want to see if its NoScript or not, disable NoScript or allow globally and see what happens. This sounds like you have other things going on that are possibly killing it. What extensions do you have installed, please post them so we can use that info to infer what might be causing this issue.

Some of the biggest offenders are Adblock Plus which often does false positive blocking of certain things that cause problems. Also, some sites will embed MS, Google, and other tracking code into their sites which if you have Adblock Plus or Ghostery blocking them, you will have problems, its a well known issue with Ghostery and has been posted and brought to their attention with ZERO fix. Also, if you have RequestPolicy installed, you may have access from site a to site b blocked and need to allow it there and it often breaks it and when it is allowed and it reloads, the information disappears. Unlike NoScript they don't have safe reloads where your information is preserved, it does a full fledged reload which often results in double posting and the site will act with a myriad of different behaviors depending on the site coding. Also, if you have anything that modifies or screws withe UserAgent or Headers will also cause problems. And the list goes on, so keep all the other variables in mind before assuming NoScript is the problem, for the most part nearly always it turns out to be something else and what turns out to be an NS issue is often benign enough that its not the actual cause, it might just aggravate an already messed up situation.