Flattr button causing XSS & clickjacking warnings

Posted: Wed Aug 04, 2010 10:09 am
by sigdrifa
I just signed up for flattr.com and noticed two problems:

First, I installed the Flattr plugin on my blog ( http://www.lazyteddy.com ), and now I get an XSS warning every time I load the page.

Second, when I clicked on the Flattr button on another website (in this case http://www.taz.de ) I got a clickjacking warning.

Now, the second problem is nothing I can do anything about except carefully checking the message and then allowing on a case-by-case basis. But I would like to know if there's anything I can do on my blog to make sure my readers don't get the XSS warning — obviously that's not something that's good for my reputation :(

Suggestions, anyone?

Thanks
Sigdrifa

Re: Flattr button causing XSS & clickjacking warnings

Posted: Wed Aug 04, 2010 1:11 pm
by Alan Baxter
sigdrifa wrote: I installed the Flattr plugin on my blog ( http://www.lazyteddy.com ), and now I get an XSS warning every time I load the page.

Confirmed using NoScript 2.0.1rc2.
Default settings except Allowed lazyteddy.com, flattr.com

Re: Flattr button causing XSS & clickjacking warnings

Posted: Wed Aug 04, 2010 3:12 pm
by sigdrifa
I've replaced the WordPress plugin with a single button for now; that's working fine, although not quite what I wanted because it only flattrs the entire site, not a single article.

It appears that the problem with the plugin has something to do with the iframe that's being placed on the site for every Flattr button. I suppose it's more likely that it's a problem on the Flattr end and not with NoScript.

Still, if anyone else comes across the problem and has a solution, I'd still be interested.