Regular expression in XSS exceptions

Ask for help about NoScript, no registration needed to post
Post Reply
uten

Regular expression in XSS exceptions

Post by uten »

Hi,

I'm trying to make a XSS exception for the ubernote.com UberClip weblet. (you mark some text and initiate the weblet to have a copy sent to your account at ubernote)

I thought this should work:

Code: Select all

^http://www.ubernote.com/webnote/webtools[:graph:]+$
But it fails when tested on some random page with "lots" of text.
Obviously the include all option works, but I would like something a bit stricter. :)

Code: Select all

^http://www.ubernote.com/webnote/webtools.*$
Is regular expression classes allowed in the XSS filter at all?
Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1
Top
uten

Re: Regular expression in XSS exceptions

Post by uten »

:roll:
Guess the posix character classes ain't supported.
Replaced [:graph:] with [\x21-\x7E] and it seems to work as expected.

Best regards.
Uten
Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1
Top
dhouwn
Bug Buster
Posts: 968
Joined: Thu Mar 19, 2009 12:51 pm

Re: Regular expression in XSS exceptions

Post by dhouwn »

uten wrote:Guess the posix character classes ain't supported.
JS is doing the RegExp work so its rules apply: https://developer.mozilla.org/en/JavaSc ... Characters
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0
Top
Post Reply

Return to “NoScript Support”