Page 1 of 2
regular expression for bit.ly?
Posted: Fri May 06, 2011 11:42 pm
by Markus837
Dear NoScript users,
I have recently started using
the bit.ly sidebar and every time I post something through it I have to confirm the anti-xss protection for it. I have had a look at the regular expression described
here but can't seem to find the right code for the bit.ly sidebar. Can anyone help please? I would like to use the bit.ly sidebar without having to confirm the anti-xss dialogue. Thanks.
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 12:01 am
by Giorgio Maone
Can I see the exact [NoScript XSS] messages you get in
Tools>Error Console?
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 12:16 am
by Markus837
Hello Giorgio,
there are two, not sure if they are identical. This is the log from this page here when I click the bit-ly sidebar.
[NoScript ClearClick] Swallowed event mousedown on TEXTAREA/1 at
http://bit.ly/a/sidebar?u=http%3A%2F%2F ... 0bit.ly%3F
and
[NoScript ClearClick] Swallowed event mouseup on TEXTAREA/1 at
http://bit.ly/a/sidebar?u=http%3A%2F%2F ... 0bit.ly%3F
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 7:50 am
by Giorgio Maone
Unfortunately they're not XSS-related.
If you actually can see the yellow XSS warning, you should find [NoScript XSS] lines as well...
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 4:28 pm
by Markus837
So how can I get rid of the warning message every time I want to post a tweet?
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 4:35 pm
by Markus837
Or how can I tell NoScript to stop swallowing the mouse-down and up events please? I don't want to turn of XXS protection but would like to use the bit-ly sidebar for posting and editing tweet from various sites. Thanks.
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 4:41 pm
by Giorgio Maone
Markus837 wrote:So how can I get rid of the warning message every time I want to post a tweet?
Did you actually show us this warning message so far?
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 4:53 pm
by Markus837
[REDACTED IMAGE]
I am sure you understand now what I mean. In the error console log I do get the same messages that I have posted above.
Code: Select all
[NoScript ClearClick] Swallowed event mousedown on TEXTAREA/1 at http://bit.ly/a/sidebar?u=http%3A%2F%2Fforums.informaction.com%2Fposting.php%3Fmode%3Dreply%26f%3D7%26t%3D6422&s=&s=InformAction%20Forums%20%E2%80%A2%20Post%20a%20reply
and
Code: Select all
[NoScript ClearClick] Swallowed event mouseup on TEXTAREA/1 at http://bit.ly/a/sidebar?u=http%3A%2F%2Fforums.informaction.com%2Fposting.php%3Fmode%3Dreply%26f%3D7%26t%3D6422&s=&s=InformAction%20Forums%20%E2%80%A2%20Post%20a%20reply
These two messages are from the post reply page here on the forum when I click on the bit.ly sidebar.
Thanks for any help.
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 4:56 pm
by Markus837
Additionally you can click "view image" in the above post to see the whole image with the bit.ly sidebar. Again, thanks for any help on this.
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 5:09 pm
by Giorgio Maone
OK, that's not a XSS warning but a ClearClick (Clickjacking) one.
Please use the "Report" button and tell me the report ID you get assigned.
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 5:11 pm
by Guest
Ah darn, I forgot the edit out my bit.ly ID in the screenshot inside the noscript warning message, can you please remove the screen shot, asap, thanks. Here is a new screenshot without my bit.ly id in it. Silly me!!
Again, thanks for any help on this. Much appreciated as otherwise NoScript does protect me very very well.
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 5:16 pm
by Markus837
The Report ID is 1680487
Thanks.
Re: regular expression for bit.ly?
Posted: Sat May 07, 2011 8:47 pm
by Giorgio Maone
Re: regular expression for bit.ly?
Posted: Sun May 08, 2011 3:07 am
by Markus837
Thanks, just tested it and unfortunately it is still giving me the Potential Clickjacking / UI Redressing Attempt warning.
Does it matter perhaps that I use the MVPS HOSTS file? Perhaps I have to change some settings in NoScript?
Thanks for your support. I am really grateful.
Re: regular expression for bit.ly?
Posted: Sun May 08, 2011 9:10 am
by Giorgio Maone
Markus837 wrote:Thanks, just tested it and unfortunately it is still giving me the Potential Clickjacking / UI Redressing Attempt warning.
That's very strange.
Could you please give me another report ID and tell me what your
noscript.clearclick.subexceptions [url=http://kb..org/About:config]about:config[/url] preference looks like?