InformAction Forums

There is some security issue you might have an eye on. I don't know if there is an effective way for protection in this case. Please check http://www.heise.de/security/artikel/Pa ... 0910.html# There is a link named "demo" (In the first paragraph captioned with "Eine kleine Demo") - click it and you get to a site where you are asked to enter username and password - do so and the calling site will show you the password. It is a simple trick, I dont know if you are aware of this and able to implement protection against it in NoScript

Thanx for NoScript, anyway
Greetings
Karl

Actually, NoScript has been the very first tool to provide protection against XSS (notice that Heise's demo is not correct, because it's not cross-site).