Advanced search

Any techs out there? Cross-site scripting (XSS) error?

(3 Posts)
unlucky83 Thu 17-Mar-16 10:16:31

I have a script blocker (No Script) - accessing MN today (but not yesterday straight after the changes) I am getting a message that it has 'filtered a potential cross-site scripting attempt (XSS) from http - not https // '
Do you know why?
(I got a similar message last year just prior to slightly concerned)
Technical detail from console
^ [NoScript XSS] Sanitized suspicious request. Original URL [] requested from []. Sanitized URL: [].

fredfredgeorgejnrsnr Thu 17-Mar-16 10:55:49

That's just a google+ request, unless you use google+ (which I very much doubt, no-one does really) is well worth blocking, as it will simply stop google knowing which mumsnet pages you read.

It's not explicitly a security problem though.

unlucky83 Thu 17-Mar-16 11:47:59

Thanks - I'll put up with the annoying strip across the top of the page then...
(Not a google plus user fact a bit annoyed that I've just realised unless I actually sign out of my email google tracks my searches anyway...)
Odd that it has just appeared after the changes ?
(And honestly I can't remember exactly what the similar problems were around Hackergate but I wasn't particularly surprised as things had seemed a bit odd for a while...)

Join the discussion

Join the discussion

Registering is free, easy, and means you can join in the discussion, get discounts, win prizes and lots more.

Register now