Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

What a nice world it is online

 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Off Topic
View previous topic :: View next topic  
Author Message
guy
LXF regular


Joined: Thu Apr 07, 2005 1:07 pm
Posts: 1041
Location: Worcestershire

PostPosted: Sun Nov 24, 2013 1:50 pm    Post subject: What a nice world it is online Reply with quote

I had Wikipedia and Facebook open in separate tabs. NoScript cripples both, so I allow Wikipedia free reign and enable Facebook every time I log in. Just now I clicked a Wikipedia internal link and a piece of javascript on facebook kicked off briefly, its ID flicking up in the tab for the facebook page I had open. It doesn't seem to be repeatable. Was that some facebook spyware running in my browser or was it just a coincidence?

Possibly related though I don't see how, in the NoScript options XSS tab there is a list of anti-XSS protection exceptions, i.e. XSS scripts that NoScript allows. At present I have listed:

^https?://([a-z]+)\.google\.(?:[a-z]{1,3}\.)?[a-z]+/(?:search|custom|\1)\?
^https?://([a-z]*)\.?search\.yahoo\.com/search(?:\?|/\1\b)
^https?://[a-z]+\.wikipedia\.org/wiki/[^"<>\?%]+$
^https?://translate\.google\.com/translate_t[^"'<>\?%]+$
^https://secure\.wikimedia\.org/wikipedia/[a-z]+/wiki/[^"<>\?%]+$

Can anybody explain why these are here and whether I can restore XSS protections (i.e. remove some entries) without crippling my web browsing?
_________________
Cheers,
Guy
The eternal help vampire
Back to top
View user's profile Send private message
johnhudson
LXF regular


Joined: Wed Aug 03, 2005 2:37 pm
Posts: 857

PostPosted: Sun Nov 24, 2013 9:31 pm    Post subject: Reply with quote

These are part of NoScript's protection; see https://en.wikipedia.org/wiki/NoScript, section HTTPS enhancements.
Back to top
View user's profile Send private message
Alex01UK
LXF regular


Joined: Thu Jun 14, 2012 5:31 pm
Posts: 198
Location: Scarborough, North Yorkshire, United Kingdom

PostPosted: Thu Dec 05, 2013 6:07 pm    Post subject: Reply with quote

johnhudson wrote:
These are part of NoScript's protection; see https://en.wikipedia.org/wiki/NoScript, section HTTPS enhancements.


Fantastiue! Well Done... Wink Cool %)
tee hee pee.
_________________
Acer Aspire 5551: AMD Athlon P320 (2.1 GHz), 3GB RAM, ATI HD 425o Graphics.
64bit Windows 7 Home Premium, 64bit Ubuntu Studio 13.1o, 32bit Lubuntu 13.o4

''I am what I am, because we are what we are.''
Back to top
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Off Topic All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast