Odd warning from NoScript

Discussion in 'Feedback/Support/Suggestions' started by Gargoyle, Feb 20, 2013.

  1. Gargoyle
    Original Member

    Gargoyle Milepoint Guide

    I run NoScript on Firefox; it just popped up a warning:
    NoScript filtered a potential cross-site scripting (XSS) attempt from (http://milepoint.com). Technical details have been logged to the console.

    It occurred on this page: http://milepoint.com/forums/threads/f-n-f-n-1-f-n-2.3070/

    The console reference is:
    Timestamp: 2/20/2013 9:35:57 PM
    Warning: Unknown property '-moz-border-radius'. Declaration dropped.
    Source File: http://milepoint.com/forums/css.php?css=xenforo,form,public&style=6&dir=LTR&d=1361398692
    Line: 446
     
    GoodBoy likes this.
  2. Gargoyle
    Original Member

    Gargoyle Milepoint Guide

    Here's more from the XSS console:

    [ABE] <LOCAL> Deny on {GET http://www.google-analytics.com/ga.js <<< http://milepoint.com/forums/threads/f-n-f-n-1-f-n-2.3070/ - 2}
    SYSTEM rule:
    Site LOCAL
    Accept from LOCAL
    Deny
    _______________________________
    [NoScript InjectionChecker] JavaScript Injection in ///widgets/tweet_button.1360972506.html#_=1361418239795&count=horizontal&id=twitter-widget-0&lang=en&original_referer=http://milepoint.com/forums/threads/f-n-f-n-1-f-n-2.3070/&size=m&text=F(n) = F(n-1) + F(n-2)&url=http://milepoint.com/forums/threads/f-n-f-n-1-f-n-2.3070/
    (function anonymous() {
    F(n) = F(n-1) /* COMMENT_TERMINATOR */
    DUMMY_EXPR
    })
    ________________________________

    [NoScript XSS] Sanitized suspicious request. Original URL [http://platform.twitter.com/widgets...int.com/forums/threads/f-n-f-n-1-f-n-2.3070/] requested from [http://milepoint.com/forums/threads/f-n-f-n-1-f-n-2.3070/]. Sanitized URL: [http://platform.twitter.com/widgets/tweet_button.1360972506.html#11838017661665168658].
     
    GoodBoy likes this.
  3. Randy Petersen
    Original Member

    Randy Petersen Founder

    This appears to be beyond my pay grade. I am absolutely certain this is beyond my pay grade. I'll report this to the first rocket scientist I find in the office in the morning. I didn't even understand the math being discussed in the thread you were linking to. Thanks for the education!
     
    uggboy and GoodBoy like this.
  4. Gargoyle
    Original Member

    Gargoyle Milepoint Guide

    The math in the thread was related to the way Delta calculates SkyMiles redemptions; however, they encrypt everything.
     
    uggboy likes this.
  5. Bill.D

    Bill.D Active Member

    Hey Gargoyle,

    The programmer and I took a long look at this through the night and what we found is that "NoScript" is actually flagging the title of the thread. We did several test scenarios and when we remove the "=" sign there is no warning issued for the thread.

    On a further note, the site does utilize JavaScripts. The two I know of are for Google Ads & for providing definitions of highlighted content. Please be aware of those when utilizing a script-blocking utility.

    Thanks,
    -Bill
    System Administrator
     
    LauraPDX likes this.
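
Why a title containing "=" can look like script to a syntax-based filter, as an added example (not NoScript's code and not part of the original posts): like the `(function anonymous() { ... })` entry in the console output, it asks the JavaScript parser whether a URL fragment value compiles. The function names, the operator pre-check and the sample URL are assumptions made for illustration.

```javascript
// Simplified syntax-based injection heuristic. NOT NoScript's implementation;
// every name here is hypothetical.

// True if `text` compiles as a JavaScript function body.
// new Function() only parses the text here; the result is never called.
function compilesAsScript(text) {
  try {
    new Function(text);
    return true;
  } catch (e) {
    return false; // SyntaxError: not script-shaped
  }
}

// Plain words such as "horizontal" also compile (a bare identifier is a valid
// statement), so additionally require a call or an assignment operator.
// In Node.js (V8) non-strict code, a call on the left of "=" parses and would
// only throw if run, which is why the formula-style title passes the parser.
function looksLikeInjection(text) {
  const hasCallOrAssign = /\w\s*\(|[^=!<>]=[^=]/.test(text);
  return hasCallOrAssign && compilesAsScript(text);
}

// Decode each name=value pair of the URL fragment and return the names of
// the parameters whose values the heuristic flags.
function flaggedFragmentParams(url) {
  const hash = url.includes("#") ? url.slice(url.indexOf("#") + 1) : "";
  const flagged = [];
  for (const pair of hash.split("&")) {
    const eq = pair.indexOf("=");
    if (eq < 0) continue;
    let value = pair.slice(eq + 1);
    try { value = decodeURIComponent(value); } catch (e) { /* keep raw value */ }
    if (looksLikeInjection(value)) flagged.push(pair.slice(0, eq));
  }
  return flagged;
}

// Constructed sample modelled on the widget URL in the log (placeholder host).
const SAMPLE_URL = "http://widgets.example/tweet_button.html#count=horizontal" +
  "&lang=en&size=m&text=F(n)%20%3D%20F(n-1)%20%2B%20F(n-2)" +
  "&url=http://forum.example/threads/f-n-f-n-1-f-n-2.3070/";

console.log(flaggedFragmentParams(SAMPLE_URL));          // only the title parameter
console.log(looksLikeInjection("F(n) F(n-1) + F(n-2)")); // title without "="
```

With the "=" removed the title no longer parses as script, so a check of this kind stops flagging it, which is consistent with the test result reported above.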
  6. Gargoyle
    Original Member

    Gargoyle Milepoint Guide

    Thanks for checking it out, good to know. Cross-site scripting can be dangerous; I'm glad it's not going on there.

    Nice thing with NoScript is I see what all the JavaScripts are, and can selectively allow them; so, for example, I can block Google Ads and Facebook but allow google-analytics and livechatinc.
     
  7. Randy Petersen
    Original Member

    Randy Petersen Founder

    Rocket scientist, meet Gargoyle; Gargoyle, meet rocket scientist.
    Excuse me guys, I think I hear someone calling my name—got to run .....
     
