Not a biggie, but definitely annoying: I try to register for a media site, so I can put in a comment, and every time I hit "register", noscript pops up telling me it's protecting me from cross-site scripting... and if it's giving me any way to say, "that's ok for this site", I don't see it. I've tried typing in a pattern for xss, and no joy.
Clues for the annoyed?
mark
m.roth@5-cent.us wrote:
Not a biggie, but definitely annoying: I try to register for a media site, so I can put in a comment, and every time I hit "register", noscript pops up telling me it's protecting me from cross-site scripting... and if it's giving me any way to say, "that's ok for this site", I don't see it. I've tried typing in a pattern for xss, and no joy.
Clues for the annoyed?
Well, I managed to do it... by unchecking both check boxes in options->xss, doing the sign-up, then resetting them. You'd think that there'd be an allow option for the script, just as there is for flash....
mark
On Tue, 18 Dec 2012 15:06:16 -0500 m.roth@5-cent.us wrote:
m.roth@5-cent.us wrote:
Not a biggie, but definitely annoying: I try to register for a media site, so I can put in a comment, and every time I hit "register", noscript pops up telling me it's protecting me from cross-site scripting... and if it's giving me any way to say, "that's ok for this site", I don't see it. I've tried typing in a pattern for xss, and no joy.
Clues for the annoyed?
Well, I managed to do it... by unchecking both check boxes in options->xss, doing the sign-up, then resetting them. You'd think that there'd be an allow option for the script, just as there is for flash....
mark
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
It has this, that is the pattern thing, but you've got to make sure you have the pattern correct :-).
Jake Shipton wrote:
On Tue, 18 Dec 2012 15:06:16 -0500 m.roth@5-cent.us wrote:
m.roth@5-cent.us wrote:
Not a biggie, but definitely annoying: I try to register for a media site, so I can put in a comment, and every time I hit "register", noscript pops up telling me it's protecting me from cross-site scripting... and if it's giving me any way to say, "that's ok for this site", I don't see it. I've tried typing in a pattern for xss, and no joy.
Clues for the annoyed?
Well, I managed to do it... by unchecking both check boxes in options->xss, doing the sign-up, then resetting them. You'd think that there'd be an allow option for the script, just as there is for flash....
It has this, that is the pattern thing, but you've got to make sure you have the pattern correct :-).
I did try that, in options->xss? abe? but it complained that it didn't have an EOF or some such.
mark
On Tue, 18 Dec 2012 15:30:41 -0500 m.roth@5-cent.us wrote:
Jake Shipton wrote:
<snip>
I did try that, in options->xss? abe? but it complained that it didn't have an EOF or some such.
mark
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I believe they are under Options > Advanced > XSS
Did your lines look like these?
^https?://([a-z]+).google.(?:[a-z]{1,3}.)?[a-z]+/(?:search|custom|\1)? ^https?://([a-z]*).?search.yahoo.com/search(?:?|/\1\b) ^https?://[a-z]+.wikipedia.org/wiki/[^"<>?%]+$ ^https?://translate.google.com/translate_t[^"'<>?%]+$ ^https://secure%5C.wikimedia%5C.org/wikipedia/%5Ba-z%5D+/wiki/%5B%5E"<>?%]+$
(These are defaults I believe on mine)
-
Jake Shipton -
m.roth@5-cent.us