Forum: NoScript XSS warning

Mad

Member
Guildcard
42000073
We have a new font, right? Looks nice. Or is it a fallback font (as the log says it couldn’t download a certain font). Anyway, not sure if related, but the Firefox add-on NoScript now gives a [NoScript XSS] warning when visiting the forum.

According to the log:

Original URL:

Code:
[https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&count=true&size=medium&hl=en-US&origin=http%3A%2F%2Fwww.pioneer2.net&url=http%3A%2F%2Fwww.pioneer2.net%2Fcommunity%2Findex.php&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.CuOHcMZrCcQ.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPslDq8vs09gyPeiFqyNFQr0GrbIg#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Conload&id=I0_1458353210691&parent=http%3A%2F%2Fwww.pioneer2.net&pfname=&rpctoken=18138370]

Cleaned to:

Code:
[https://apis.google.com/#854812275200079265]

The log entry before that [NoScript XSS] is:

Code:
[NoScript InjectionChecker] JavaScript Injection in ///se/0/_/ 1/fastbutton?usegapi=1&count=true&size=medium&hl=en-US&origin=http://www.pioneer2.net&url=http://www.pioneer2.net/community/index.php?threads/forum-noscript-xss-warning.1586/&gsrc=3p&ic=1&jsh=m;/_/scs/apps-static/_/js/k=oz.gapi.de.CuOHcMZrCcQ.O/m=__features__/am=AQ/rt=j/d=1/rs=AGLTcCPslDq8vs09gyPeiFqyNFQr0GrbIg#_methods=onPlusOne,_ready,_close,_open,_resizeMe,_renderstart,oncircled,drefresh,erefresh,onload&id=I0_1458353519162&parent=http://www.pioneer2.net&pfname=&rpctoken=15267523
(function anonymous() {
_methods=onPlusOne,_ready,_close,_open,_resizeMe,_renderstart,oncircled,drefresh,erefresh,onload /* COMMENT_TERMINATOR */
DUMMY_EXPR
})
 
There is no "new font". Forum is exactly the same with the same fonts and what not since I upgraded to XenForo.

Anyway, it's not my responsibility to make the site work correctly with a browser add-on.
 
Back
Top