XSS yellow bars
I am getting a lot of XSS yellow bars lately from NS in FF 3.6.28.
For instance, here:
http://www.marketwatch.com/
But this is happening on a LOT of sites, not just this one I am using in this example. So whitelisting all of them isn't practical.
When I display the Console (just for the hell of it because I really don't know what I am looking at), I saw these hits at this referenced site:
---------------
Error: missing = in XML attribute
Source file: http://www.marketwatch.com/
Line: 0, Column: 16
Source code:
(<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
----------
Error: missing = in XML attribute
Source file: http://www.marketwatch.com/cdn_content/ ... DisplayAd1
Line: 0, Column: 16
Source code:
(<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
----------
Error: missing = in XML attribute
Source file: http://www.marketwatch.com/cdn_content/ ... ketsModule
Line: 0, Column: 16
Source code:
(<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
----------
Error: missing = in XML attribute
Source file: http://tags.bluekai.com/site/4455?ret=h ... 0441003674
Line: 0, Column: 16
Source code:
(<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 ( .NET CLR 3.5.30729; .NET4.0E)
Re: XSS yellow bars
What domains do you have allowed at marketwatch.com?
And what are you doing, where are you going to generate the XSS warnings?
Any appropriate Error Console messages would be prefaced in some way by "NoScript:".
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/16.0 Firefox/16.0 SeaMonkey/2.13a2
Re: XSS yellow bars
Here is the list of domains:

The console messages I showed are the ones I retrieved based on this message:
"NoScript filtered a potential cross-site scripting (XSS) attempt from [http://www.marketwatch.com]. Technical details have been logged to the Console."
So it doesn't appear that NoScript is prefacing any header in front. If those messages aren't from NS, then maybe NS isn't really writing any info to the log? Or am I looking in the wrong place?
Again: I get these msgs at maybe 20% of the sites I visit.

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 ( .NET CLR 3.5.30729; .NET4.0E)
- GµårÐïåñ
Re: XSS yellow bars
It does write them in the log. You have to look in the error console (Ctrl+Shift+J) and depending on how you have it set up or if you have something like console2 installed, you can search for xss or noscript and narrow down your list and/or just look under the messages section; the warnings and "errors" can show a lot of unnecessary crap that makes things get lost in there.
I see from the menu style in your screenshot that you probably have a theme installed, that could very well be causing it and probably is. So switch to the NORMAL theme of FX and try the sites again and see if you still get the errors. My bet, you won't.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20100101 Firefox/13.0.1
Re: XSS yellow bars
GµårÐïåñ wrote: It does write them in the log. You have to look in the error console (Ctrl+Shift+J) and depending on how you have it set up or if you have something like console2 installed, you can search for xss or noscript and narrow down your list and/or just look under the messages section; the warnings and "errors" can show a lot of unnecessary crap that makes things get lost in there. I see from the menu style in your screenshot that you probably have a theme installed, that could very well be causing it and probably is. So switch to the NORMAL theme of FX and try the sites again and see if you still get the errors. My bet, you won't.
If you were correct with your theme idea, WHY would only some sites display an XSS error and not EVERY SINGLE SITE?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 ( .NET CLR 3.5.30729; .NET4.0E)
Re: XSS yellow bars
GµårÐïåñ wrote: I see from the menu style in your screenshot that you probably have a theme installed, that could very well be causing it and probably is. So switch to the NORMAL theme of FX and try the sites again and see if you still get the errors. My bet, you won't.
Jojo999 wrote: If you were correct with your theme idea, WHY would only some sites display an XSS error and not EVERY SINGLE SITE?
Depends on the theme, and what it changes. Have you tried disabling it and seeing whether GµårÐïåñ was right?
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:14.0) Gecko/20100101 Firefox/14.0.1
Re: XSS yellow bars
GµårÐïåñ wrote: I see from the menu style in your screenshot that you probably have a theme installed, that could very well be causing it and probably is. So switch to the NORMAL theme of FX and try the sites again and see if you still get the errors. My bet, you won't.
Jojo999 wrote: If you were correct with your theme idea, WHY would only some sites display an XSS error and not EVERY SINGLE SITE?
Thrawn wrote: Depends on the theme, and what it changes. Have you tried disabling it and seeing whether GµårÐïåñ was right?
I hate wasting time on clearly useless "maybe it will stick if we toss it against the wall" suggestions. Especially ones that can't logically be justified. I've been using this theme for a couple of years w/o any problems. How does one theme affect NS on only 20% of the pages and not all pages?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 ( .NET CLR 3.5.30729; .NET4.0E)
Re: XSS yellow bars
Jojo999 wrote: I hate wasting time on clearly useless "maybe it will stick if we toss it against the wall" suggestions. Especially ones that can't logically be justified. I've been using this theme for a couple of years w/o any problems. How does one theme affect NS on only 20% of the pages and not all pages?
And I'm sure that the forum moderators (especially Guardian) hate wasting time on people who a) won't try what they suggest and b) insult their intelligence.
Since I'm not one of said moderators, I'll leave you to them.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0.1
- GµårÐïåñ
Re: XSS yellow bars
Because it depends on what the theme changes, sometimes it affects the site content and its display and sometimes it doesn't. Simple as that. Instead of making a presumption like that, just do it and see if it's an issue or not, not rocket science or that difficult to do. But if you don't listen to our help then you are on your own because we can't waste time trying to help someone who doesn't want it.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20100101 Firefox/13.0.1
Re: XSS yellow bars
GµårÐïåñ wrote: Because it depends on what the theme changes, sometimes it affects the site content and its display and sometimes it doesn't. Simple as that. Instead of making a presumption like that, just do it and see if it's an issue or not, not rocket science or that difficult to do. But if you don't listen to our help then you are on your own because we can't waste time trying to help someone who doesn't want it.
I tried it to make you guys happy and as I expected, the error still occurs (I used a different page for this test). Here's the evidence:
http://i.minus.com/ikYh3pdnJvVK.jpg
Code: Select all
Here are the NS errors I am seeing on the Console:
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onProgressChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 344
----------
[NoScript InjectionChecker] HTML injection:
<iframe
matches <[^\w<>]*(?:[^<>"'\s]*:)?[^\w<>]*(?:\W*s\W*c\W*r\W*i\W*p\W*t|\W*f\W*o\W*r\W*m|\W*s\W*t\W*y\W*l\W*e|\W*s\W*v\W*g|\W*m\W*a\W*r\W*q\W*u\W*e\W*e|(?:\W*l\W*i\W*n\W*k|\W*o\W*b\W*j\W*e\W*c\W*t|\W*e\W*m\W*b\W*e\W*d|\W*a\W*p\W*p\W*l\W*e\W*t|\W*p\W*a\W*r\W*a\W*m|\W*i?\W*f\W*r\W*a\W*m\W*e|\W*b\W*a\W*s\W*e|\W*b\W*o\W*d\W*y|\W*m\W*e\W*t\W*a|\W*i\W*m\W*a?\W*g\W*e?|\W*v\W*i\W*d\W*e\W*o|\W*a\W*u\W*d\W*i\W*o|\W*b\W*i\W*n\W*d\W*i\W*n\W*g\W*s|\W*s\W*e\W*t|\W*a\W*n\W*i\W*m\W*a\W*t\W*e)[^>\w])|(?:<\w[\s\S]*[\s\/]|['"](?:[\s\S]*[\s\/])?)(?:formaction|style|background|src|lowsrc|ping|on(?:e(?:rror(?:update)?|nd)|c(?:o(?:nt(?:extmenu|rolselect)|py)|ut|lick|(?:ellc)?hange)|m(?:o(?:ve(?:end|start)?|use(?:o(?:ut|ver)|up|(?:mo|lea)ve|down|wheel|enter))|essage)|lo(?:ad|secapture)|d(?:r(?:ag(?:en(?:d|ter)|drop|over|leave|start)?|op)|ata(?:setc(?:hanged|omplete)|available)|blclick|eactivate)|s(?:t(?:op|art)|elect(?:start)?|croll|ubmit)|b(?:e(?:for(?:e(?:c(?:ut|opy)|p(?:aste|rint)|u(?:pdate|nload)|activate|editfocus)|deactivate)|gin)|lur|ounce)|p(?:ast|ropertychang)e|key(?:up|down|press)|f(?:o(?:cus(?:in|out)?|rm(?:input|change))|i(?:nish|lterchange))|in(?:put|valid)|a(?:fter(?:print|update)|bort|ctivate)|r(?:e(?:s(?:et|ize)|peat|adystatechange)|ow(?:e(?:xit|nter)|s(?:delete|inserted)))|zoom|help|unload))[\s\x08]*=
----------
[NoScript XSS] Sanitized suspicious request. Original URL [http://l.yimg.com/j/static/frame?e=PGlmcmFtZSB3aWR0aD0iNTYwIiBoZWlnaHQ9IjMxNSIgc3JjPSJodHRwOi8vd3d3LnlvdXR1YmUuY29tL2VtYmVkL1lJZ3ktQmtOeDlNIiBmcmFtZWJvcmRlcj0iMCIgYWxsb3dmdWxsc2NyZWVuPjwvaWZyYW1lPg%3D%3D&s=.ZQ6UNgY9HM3qwHdekWrsQdRTSQ-] requested from [http://news.yahoo.com/blogs/ticket/republican-don-young-endorses-democrat-mazie-hironi-hawaii-203318177.html]. Sanitized URL: [http://l.yimg.com/j/static/frame?e=PGlmcmFtZSB3aWR0aD0iNTYwIiBoZWlnaHQ9IjMxNSIgc3JjPSJodHRwOi8vd3d3LnlvdXR1YmUuY29tL2VtYmVkL1lJZ3ktQmtOeDlNIiBmcmFtZWJvcmRlcj0iMCIgYWxsb3dmdWxsc2NyZWVuPjwvaWZyYW1lPg%20%20&s=.ZQ6UNgY9HM3qwHdekWrsQdRTSQ-#6595344988961309566].
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
[NoScript InjectionChecker] HTML injection:
<iframe
matches <[^\w<>]*(?:[^<>"'\s]*:)?[^\w<>]*(?:\W*s\W*c\W*r\W*i\W*p\W*t|\W*f\W*o\W*r\W*m|\W*s\W*t\W*y\W*l\W*e|\W*s\W*v\W*g|\W*m\W*a\W*r\W*q\W*u\W*e\W*e|(?:\W*l\W*i\W*n\W*k|\W*o\W*b\W*j\W*e\W*c\W*t|\W*e\W*m\W*b\W*e\W*d|\W*a\W*p\W*p\W*l\W*e\W*t|\W*p\W*a\W*r\W*a\W*m|\W*i?\W*f\W*r\W*a\W*m\W*e|\W*b\W*a\W*s\W*e|\W*b\W*o\W*d\W*y|\W*m\W*e\W*t\W*a|\W*i\W*m\W*a?\W*g\W*e?|\W*v\W*i\W*d\W*e\W*o|\W*a\W*u\W*d\W*i\W*o|\W*b\W*i\W*n\W*d\W*i\W*n\W*g\W*s|\W*s\W*e\W*t|\W*a\W*n\W*i\W*m\W*a\W*t\W*e)[^>\w])|(?:<\w[\s\S]*[\s\/]|['"](?:[\s\S]*[\s\/])?)(?:formaction|style|background|src|lowsrc|ping|on(?:e(?:rror(?:update)?|nd)|c(?:o(?:nt(?:extmenu|rolselect)|py)|ut|lick|(?:ellc)?hange)|m(?:o(?:ve(?:end|start)?|use(?:o(?:ut|ver)|up|(?:mo|lea)ve|down|wheel|enter))|essage)|lo(?:ad|secapture)|d(?:r(?:ag(?:en(?:d|ter)|drop|over|leave|start)?|op)|ata(?:setc(?:hanged|omplete)|available)|blclick|eactivate)|s(?:t(?:op|art)|elect(?:start)?|croll|ubmit)|b(?:e(?:for(?:e(?:c(?:ut|opy)|p(?:aste|rint)|u(?:pdate|nload)|activate|editfocus)|deactivate)|gin)|lur|ounce)|p(?:ast|ropertychang)e|key(?:up|down|press)|f(?:o(?:cus(?:in|out)?|rm(?:input|change))|i(?:nish|lterchange))|in(?:put|valid)|a(?:fter(?:print|update)|bort|ctivate)|r(?:e(?:s(?:et|ize)|peat|adystatechange)|ow(?:e(?:xit|nter)|s(?:delete|inserted)))|zoom|help|unload))[\s\x08]*=
----------
[NoScript XSS] Sanitized suspicious request. Original URL [http://l.yimg.com/j/static/frame?e=PGlmcmFtZSB3aWR0aD0iNTYwIiBoZWlnaHQ9IjMxNSIgc3JjPSJodHRwOi8vd3d3LnlvdXR1YmUuY29tL2VtYmVkL1lJZ3ktQmtOeDlNIiBmcmFtZWJvcmRlcj0iMCIgYWxsb3dmdWxsc2NyZWVuPjwvaWZyYW1lPg%20%20&s=.ZQ6UNgY9HM3qwHdekWrsQdRTSQ-#6595344988961309566] requested from [http://news.yahoo.com/blogs/ticket/republican-don-young-endorses-democrat-mazie-hironi-hawaii-203318177.html]. Sanitized URL: [http://l.yimg.com/j/static/frame?e=PGlmcmFtZSB3aWR0aD0iNTYwIiBoZWlnaHQ9IjMxNSIgc3JjPSJodHRwOi8vd3d3LnlvdXR1YmUuY29tL2VtYmVkL1lJZ3ktQmtOeDlNIiBmcmFtZWJvcmRlcj0iMCIgYWxsb3dmdWxsc2NyZWVuPjwvaWZyYW1lPg%20&s=.ZQ6UNgY9HM3qwHdekWrsQdRTSQ-#14984127822515259595].
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
[NoScript InjectionChecker] HTML injection:
<iframe
matches <[^\w<>]*(?:[^<>"'\s]*:)?[^\w<>]*(?:\W*s\W*c\W*r\W*i\W*p\W*t|\W*f\W*o\W*r\W*m|\W*s\W*t\W*y\W*l\W*e|\W*s\W*v\W*g|\W*m\W*a\W*r\W*q\W*u\W*e\W*e|(?:\W*l\W*i\W*n\W*k|\W*o\W*b\W*j\W*e\W*c\W*t|\W*e\W*m\W*b\W*e\W*d|\W*a\W*p\W*p\W*l\W*e\W*t|\W*p\W*a\W*r\W*a\W*m|\W*i?\W*f\W*r\W*a\W*m\W*e|\W*b\W*a\W*s\W*e|\W*b\W*o\W*d\W*y|\W*m\W*e\W*t\W*a|\W*i\W*m\W*a?\W*g\W*e?|\W*v\W*i\W*d\W*e\W*o|\W*a\W*u\W*d\W*i\W*o|\W*b\W*i\W*n\W*d\W*i\W*n\W*g\W*s|\W*s\W*e\W*t|\W*a\W*n\W*i\W*m\W*a\W*t\W*e)[^>\w])|(?:<\w[\s\S]*[\s\/]|['"](?:[\s\S]*[\s\/])?)(?:formaction|style|background|src|lowsrc|ping|on(?:e(?:rror(?:update)?|nd)|c(?:o(?:nt(?:extmenu|rolselect)|py)|ut|lick|(?:ellc)?hange)|m(?:o(?:ve(?:end|start)?|use(?:o(?:ut|ver)|up|(?:mo|lea)ve|down|wheel|enter))|essage)|lo(?:ad|secapture)|d(?:r(?:ag(?:en(?:d|ter)|drop|over|leave|start)?|op)|ata(?:setc(?:hanged|omplete)|available)|blclick|eactivate)|s(?:t(?:op|art)|elect(?:start)?|croll|ubmit)|b(?:e(?:for(?:e(?:c(?:ut|opy)|p(?:aste|rint)|u(?:pdate|nload)|activate|editfocus)|deactivate)|gin)|lur|ounce)|p(?:ast|ropertychang)e|key(?:up|down|press)|f(?:o(?:cus(?:in|out)?|rm(?:input|change))|i(?:nish|lterchange))|in(?:put|valid)|a(?:fter(?:print|update)|bort|ctivate)|r(?:e(?:s(?:et|ize)|peat|adystatechange)|ow(?:e(?:xit|nter)|s(?:delete|inserted)))|zoom|help|unload))[\s\x08]*=
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onProgressChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 344
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: Component is not available
Source file: file:///D:/Documents%20and%20Settings/Me%231/Application%20Data/Mozilla/ProfileManager/20110806/gm_scripts/antidisabler.user.js
Line: 52
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: missing = in XML attribute
Source file: http://l.yimg.com/j/static/frame?e=PGlm ... 2515259595
Line: 0, Column: 16
Source code:
(<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: Component is not available
Source file: file:///D:/Documents%20and%20Settings/Me%231/Application%20Data/Mozilla/ProfileManager/20110806/gm_scripts/antidisabler.user.js
Line: 52
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: missing = in XML attribute
Source file: http://news.yahoo.com/blogs/ticket/repu ... 18177.html
Line: 0, Column: 16
Source code:
(<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
----------
Error: p.onProgressChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 344
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: html is not defined
Source file: chrome://canitbecheaper/content/browser_wrapper.js
Line: 521
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
----------
Error: p.onStatusChange is not a function
Source file: chrome://browser/content/tabbrowser.xml
Line: 546
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 ( .NET CLR 3.5.30729; .NET4.0E)
Re: XSS yellow bars
Well you can force it simply by trying to open the URL:
http://l.yimg.com/j/static/frame?e=PGlmcmFtZSB3aWR0aD0iNTYwIiBoZWlnaHQ9IjMxNSIgc3JjPSJodHRwOi8vd3d3LnlvdXR1YmUuY29tL2VtYmVkL1lJZ3ktQmtOeDlNIiBmcmFtZWJvcmRlcj0iMCIgYWxsb3dmdWxsc2NyZWVuPjwvaWZyYW1lPg%3D%3D&s=.ZQ6UNgY9HM3qwHdekWrsQdRTSQ-
Why it occurs, I don't know?
As a test, & until someone who knows comes along, create a new, clean Profile, install only NoScript & see if you can duplicate the actions to force an XSS warning.
(I'm thinking it may have to do with some interaction with other extensions or greasemonkey scripts?)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/16.0 Firefox/16.0 SeaMonkey/2.13a2
Re: XSS yellow bars
Sigh, the catch all explanation for unknown errors in FF - extension conflict. REMEMBER - this XSS problem is only happening on SOME sites, not all of them. That should rule out an extension problem. If it were an extension, then it should affect every page.
Don't those console errors I provided show anything about what the cause of the problem is? What is the purpose of writing errors to the console if they don't help identify a problem?
Here's another site that always generates errors:
http://www.marketwatch.com/story/will-z ... teid=nwhpm
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 ( .NET CLR 3.5.30729; .NET4.0E)
Re: XSS yellow bars
http://www.marketwatch.com/story/will-zuckerberg-address-facebook-investors-2012-07-26?siteid=nwhpm
Took me two Temporarily Allow All's before I got it to do it. (Too many domains, I wasn't about to one-at-a-time.)
(To note: If you don't put URLs in URL tags, [url]..., then if you were to edit your post, the URL would become corrupted.)
Code: Select all
[NoScript InjectionChecker] JavaScript Injection in coalesced:///site/4455ret=html&limit=10&r=57231&phint=serverDomain=www.marketwatch.com, primaryProduct=MarketWatch, pageName=MW_Article_Therese Poletti's Tech Tales_9AF6EE1C-D5FA-11E1-B099-002128049AD6, section=MW_Commentary, articleType=MW_Article_Therese Poletti's Tech Tales, subSection=MW_Article_Therese Poletti's Tech Tales, contentType=article, contentChannel=Article, isSub=nomem, adSection1=brokerbuttons.marketwatch.com, adZone1=technology_techtales, adSize1=288x40, adSection2=marketwatch.com, adSize2=300x14, __bk_k=Will Zuckerberg address Facebook investors? - Therese Poletti's Tech Tales - MarketWatch, __bk_k=Commentary, FB, Facebook Inc. Cl A, AAPL, Apple Inc., GOOG, Google Inc. Cl A, YHOO, Yahoo! Inc.
(function anonymous() {serverDomain = www.marketwatch.com, primaryProduct = MarketWatch, DUMMY_EXPR;})
Code: Select all
[NoScript XSS] Sanitized suspicious request. Original URL [http://tags.bluekai.com/site/4455?ret=html&limit=10&r=57231&phint=serverDomain%3Dwww.marketwatch.com&phint=primaryProduct%3DMarketWatch&phint=pageName%3DMW_Article_Therese%20Poletti%26%2339%3Bs%20Tech%20Tales_9AF6EE1C-D5FA-11E1-B099-002128049AD6&phint=section%3DMW_Commentary&phint=articleType%3DMW_Article_Therese%20Poletti%26%2339%3Bs%20Tech%20Tales&phint=subSection%3DMW_Article_Therese%20Poletti%26%2339%3Bs%20Tech%20Tales&phint=contentType%3Darticle&phint=contentChannel%3DArticle&phint=isSub%3Dnomem&phint=adSection1%3Dbrokerbuttons.marketwatch.com&phint=adZone1%3Dtechnology_techtales&phint=adSize1%3D288x40&phint=adSection2%3Dmarketwatch.com&phint=adSize2%3D300x14&phint=__bk_k%3DWill%20Zuckerberg%20address%20Facebook%20investors%3F%20-%20Therese%20Poletti%27s%20Tech%20Tales%20-%20MarketWatch&phint=__bk_k%3DCommentary%2C%20FB%2C%20Facebook%20Inc.%20Cl%20A%2C%20AAPL%2C%20Apple%20Inc.%2C%20GOOG%2C%20Google%20Inc.%20Cl%20A%2C%20YHOO%2C%20Yahoo!%20Inc.] requested from [http://www.marketwatch.com/story/will-zuckerberg-address-facebook-investors-2012-07-26?siteid=nwhpm]. 
Sanitized URL: [http://tags.bluekai.com/site/4455?ret=html&limit=10&r=57231&phint=serverDomain%20www.marketwatch.com&phint=primaryProduct%20MarketWatch&phint=pageName%20MW_Article_Therese%20Poletti%20s%20Tech%20Tales_9AF6EE1C-D5FA-11E1-B099-002128049AD6&phint=section%20MW_Commentary&phint=articleType%20MW_Article_Therese%20Poletti%20s%20Tech%20Tales&phint=subSection%20MW_Article_Therese%20Poletti%20s%20Tech%20Tales&phint=contentType%20article&phint=contentChannel%20Article&phint=isSub%20nomem&phint=adSection1%20brokerbuttons.marketwatch.com&phint=adZone1%20technology_techtales&phint=adSize1%20288x40&phint=adSection2%20marketwatch.com&phint=adSize2%20300x14&phint=__bk_k%20Will%20Zuckerberg%20address%20Facebook%20investors%3F%20-%20Therese%20Poletti%20s%20Tech%20Tales%20-%20MarketWatch&phint=__bk_k%20Commentary%2C%20FB%2C%20Facebook%20Inc.%20Cl%20A%2C%20AAPL%2C%20Apple%20Inc.%2C%20GOOG%2C%20Google%20Inc.%20Cl%20A%2C%20YHOO%2C%20Yahoo!%20Inc.#10730465046646542444].
Forbid this bluekai.com domain (whatever that may be used for) & the XSS warning goes away.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/16.0 Firefox/16.0 SeaMonkey/2.13a2
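Added example (not part of the original thread and not NoScript's code): a small Node.js triage helper that takes the "Original URL" from a `[NoScript XSS]` log line and shows which query parameter carries HTML or assignment-like text, which is what the InjectionChecker entries above report. The function names and both regular expressions are assumptions, a simplified stand-in for the much larger pattern in the log; the bluekai URL is shortened to two of its `phint` values.

```javascript
// URLs as logged in the thread (the bluekai one is shortened).
const YIMG_URL = 'http://l.yimg.com/j/static/frame?e=PGlmcmFtZSB3aWR0aD0iNTYwIiBoZWlnaHQ9IjMxNSIgc3JjPSJodHRwOi8vd3d3LnlvdXR1YmUuY29tL2VtYmVkL1lJZ3ktQmtOeDlNIiBmcmFtZWJvcmRlcj0iMCIgYWxsb3dmdWxsc2NyZWVuPjwvaWZyYW1lPg%3D%3D&s=.ZQ6UNgY9HM3qwHdekWrsQdRTSQ-';
const BLUEKAI_URL = 'http://tags.bluekai.com/site/4455?ret=html&limit=10&r=57231' +
  '&phint=serverDomain%3Dwww.marketwatch.com&phint=primaryProduct%3DMarketWatch';

// Assumption: short tag list standing in for the tag part of the logged pattern.
const TAG_RE = /<\s*\/?\s*(script|iframe|form|style|svg|object|embed|meta|base|link|img)\b/i;
// Assumption: "identifier=value" inside a parameter value reads like a
// JavaScript assignment (compare the "serverDomain = ..." line in the log).
const ASSIGN_RE = /^[A-Za-z_$][\w$]*\s*=\s*[^\s=]/;
const B64_RE = /^[A-Za-z0-9+/_-]{16,}={0,2}$/;

// Return the decoded text if `value` is plausibly base64 of printable ASCII,
// otherwise null.
function tryBase64(value) {
  // URLSearchParams turns "+" into a space; undo that before testing.
  const candidate = value.replace(/ /g, '+');
  if (!B64_RE.test(candidate)) return null;
  const std = candidate.replace(/-/g, '+').replace(/_/g, '/');
  const text = Buffer.from(std, 'base64').toString('latin1');
  return /^[\x20-\x7e\r\n\t]+$/.test(text) ? text : null;
}

// Inspect every query parameter, both as sent and after base64 decoding.
function triageUrl(rawUrl) {
  const url = new URL(rawUrl);
  const findings = [];
  for (const [param, value] of url.searchParams) {
    const views = [['url-decoded', value]];
    const decoded = tryBase64(value);
    if (decoded !== null) views.push(['base64', decoded]);
    for (const [encoding, text] of views) {
      const tag = TAG_RE.exec(text);
      if (tag) {
        findings.push({ param, encoding, kind: 'html-tag', match: tag[0] });
      } else if (ASSIGN_RE.test(text)) {
        findings.push({ param, encoding, kind: 'assignment-like', match: text });
      }
    }
  }
  return { host: url.hostname, findings };
}

for (const u of [YIMG_URL, BLUEKAI_URL]) {
  console.log(JSON.stringify(triageUrl(u), null, 2));
}
```

The `e` parameter on the yimg URL is base64 for an ordinary video embed, and the bluekai `phint` values are plain `key=value` page metadata, so both reports point at how the sites pass data across domains rather than at the theme or other extensions.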
Re: XSS yellow bars
OK, forbidding bluekai worked on the Marketwatch site. This is progress! Thanks.
I also experimented with the Yahoo link. I blocked the yimg.com link at:
http://news.yahoo.com/blogs/ticket/repu ... 18177.html
In the past, this has caused things not to work in Yahoo but for the moment doing this removed the XSS error.
Let's see what happens.
Thanks.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 ( .NET CLR 3.5.30729; .NET4.0E)
Re: XSS yellow bars
This seems machine dependent to me, because for me all provided links in this topic work for me.
FF14
NoScript V2.4.9
location: Germany
Cheers,
Dany
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1