Find the answer to your Linux question:
Results 1 to 5 of 5
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Engineer drl's Avatar
    Join Date
    Apr 2006
    Location
    Saint Paul, MN, USA / CentOS, Debian, Slackware, {Free, Open, Net}BSD, Solaris
    Posts
    1,472

    Noscript catches possible XSS attempt


    Hi.

    For about 10 days, the Firefox add-on Noscript has diagnosed a possible problem with this site. Below are the messages posted to the Firefox console ... cheers, drl

    My environment:
    Code:
    OS, ker|rel, machine: Linux, 3.16.0-4-amd64, x86_64
    Distribution        : Debian 8.6 (jessie) 
    firefox Mozilla Firefox 45.5.0
    [NoScript InjectionChecker] JavaScript Injection in coalesced:///site/30629ret=html&phint=site=linuxforums.org, bbseg=6819, bbseg=6832, bbseg=6831, bbseg=6837, bbseg=6917, bbseg=6834, bbseg=6920, bbseg=6924, bbseg=6929, bbseg=6932, bbseg=6938, bbseg=6940, bbseg=6947, bbseg=6952, bbseg=6953, bbseg=6956, bbseg=6822, bbseg=6823, bbseg=6825, bbseg=6848, bbseg=6849, bbseg=6843, bbseg=6874, bbseg=6886, bbseg=6889, bbseg=6893, bbseg=6894, bbseg=6895, bbseg=6867, bbseg=6909, bbseg=6833, bbseg=6571, __bk_t=Linux Forums, __bk_k=Linux Questions, Linux, Linux Forums, Linux Forum, SuSe, Mandriva, Redhat, Fedora, Debian, Gentoo, CentOS, Ubuntu, Arch, Slackware, Mint, __bk_pr=http://www.linuxforums.org/forum/search.php?searchid=2189408, __bk_l=http://www.linuxforums.org/forum/forum.php&limit=10&bknms=ver=2.0,ua=8f752868c2b1ce 408e6a5cf86ba90223,t=1481715867082,m=1fb02bccf50d2 73af50d273a900fe8c5,k=1,lang=07ef608d8a7e9677f0b83 775f0b83775,sr=1920x1080x24,tzo=360,hss=true,hls=t rue,idb=true,addb=undefined,odb=undefined,cpu=4b4e 4ecaab1f1c93ab1f1c93ab1f1c93,platform=1c17637dbf2f 8edebf2f8edebf2f8ede,notrack=,plugins=e6d77d0a382b ba01209b63d37901f754,cn=847c2c1e1d515e28667c15af83 40473d&r=64399749
    (function anonymous() {
    site=linuxforums.org, bbseg=6819, /* COMMENT_TERMINATOR */
    DUMMY_EXPR
    })
    [NoScript XSS] Sanitized suspicious request. Original URL [http://tags.bluekai.com/site/30629?r...3d&r=64399749] requested from [http://www.linuxforums.org/forum/]. Sanitized URL: [http://tags.bluekai.com/site/30629?r...9040484164476].
    Welcome - get the most out of the forum by reading forum basics and guidelines: click here.
    90% of questions can be answered by using man pages, Quick Search, Advanced Search, Google search, Wikipedia.
    We look forward to helping you with the challenge of the other 10%.
    ( Mn, 2.6.n, AMD-64 3000+, ASUS A8V Deluxe, 1 GB, SATA + IDE, Matrox G400 AGP )

  2. #2
    Linux Guru
    Join Date
    Dec 2013
    Posts
    2,747
    thanks for sharing.

    i am well aware of this - my noscript is fully active on this site, for the sake of losing some advanced editing capabilities...

  3. #3
    Linux Guru budman7's Avatar
    Join Date
    Oct 2004
    Location
    Knee deep in Grand Rapids, Michigan
    Posts
    3,901
    Probably why this site has so few new posts.
    Before you login, there is a message that says, "Members don't have to see ads", or something like that.
    My Adblocker is currently blocking 5 ads.
    If you want to learn more about linux take a linux journey
    https://linuxjourney.com/
    Use CODE tags when posting output of commands. Thank you.
    https://www.linuxcounter.net/cert/608410.png

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Engineer drl's Avatar
    Join Date
    Apr 2006
    Location
    Saint Paul, MN, USA / CentOS, Debian, Slackware, {Free, Open, Net}BSD, Solaris
    Posts
    1,472
    Hi, budman7 and nihili.

    Thanks for the responses. I have also posted the issue to "Contact us", but my experience is that such issues rarely get addressed promptly, if at all.

    I appreciate the time it can take to care for a site, but if the administrators don't respond to problems -- either real or just perceived -- then we see a migration away from the site, as we did many months ago.

    I still have an outstanding issue with email not being accepted at my re-mailer (pobox.com) from LinuxForums -- see http://www.linuxforums.org/forum/fee...e-bounces.html

    Best wishes ... cheers, drl
    Welcome - get the most out of the forum by reading forum basics and guidelines: click here.
    90% of questions can be answered by using man pages, Quick Search, Advanced Search, Google search, Wikipedia.
    We look forward to helping you with the challenge of the other 10%.
    ( Mn, 2.6.n, AMD-64 3000+, ASUS A8V Deluxe, 1 GB, SATA + IDE, Matrox G400 AGP )

  6. #5
    Linux Guru
    Join Date
    Dec 2013
    Posts
    2,747
    -->
    i think the situation here has never been better.
    or has it changed significantly in the last year or so?
    i'm using lots of passive blocking so i don't always get fancy notifications about what is being blocked...

    the "admins" here, or site-owners, are probably busy dreaming of a cash cow.

    who knows how many "communities" would still be maintained if it wasn't for a few datamining bucks.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •