• scripting attack

    From faeychild@2:250/0 to All on Mon Mar 16 01:17:47 2020


    Although I suspect that NoScript is just being paranoid

    This from the Mageia site

    *************************

    NoScript detected a potential Cross-Site Scripting attack

    from file:///usr/share/indexhtml/index.html to http://start.mageia.org.

    Suspicious data:

    (URL) http://start.mageia.org/?p=vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default&l=en

    **********************************8

    Not all that suspicious Just curious mainly


    --
    faeychild
    Running plasmashell 5.15.4 on 5.5.9-desktop-1.mga7 kernel.
    Mageia release 7 (Official) for x86_64 installed via Mageia-7-x86_64-DVD.iso


    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/0@fidonet)
  • From William Unruh@2:250/0 to All on Mon Mar 16 01:45:07 2020
    On 2020-03-16, faeychild <faeychild@nomail.afraid.org> wrote:


    Although I suspect that NoScript is just being paranoid

    This from the Mageia site

    *************************

    NoScript detected a potential Cross-Site Scripting attack

    from file:///usr/share/indexhtml/index.html to http://start.mageia.org.

    Have you looked at /usr/share/indexhtml/index.html
    to see what it does?

    Suspicious data:

    (URL)

    http://start.mageia.org/?p=vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default&l=en

    **********************************8

    Not all that suspicious Just curious mainly



    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/0@fidonet)
  • From David W. Hodgins@2:250/0 to All on Mon Mar 16 01:53:57 2020
    On Sun, 15 Mar 2020 21:17:47 -0400, faeychild <faeychild@nomail.afraid.org> wrote:

    Although I suspect that NoScript is just being paranoid
    This from the Mageia site
    *************************
    NoScript detected a potential Cross-Site Scripting attack
    from file:///usr/share/indexhtml/index.html to http://start.mageia.org. Suspicious data:
    (URL)

    http://start.mageia.org/?p=vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default&l=en
    **********************************8
    Not all that suspicious Just curious mainly

    What url did you enter, and using which browser?

    Using firefox on Mageia 7, I'm not seeing any noscript warnings on https://www.mageia.org, or http://www.mageia.org/en/downloads/, or any of
    the other pages I checked.

    Regards, Dave Hodgins

    --
    Change dwhodgins@nomail.afraid.org to davidwhodgins@teksavvy.com for
    email replies.

    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/0@fidonet)
  • From Bit Twister@2:250/0 to All on Mon Mar 16 02:00:14 2020
    On Sun, 15 Mar 2020 21:53:57 -0400, David W. Hodgins wrote:
    On Sun, 15 Mar 2020 21:17:47 -0400, faeychild <faeychild@nomail.afraid.org>
    wrote:

    Although I suspect that NoScript is just being paranoid
    This from the Mageia site
    *************************
    NoScript detected a potential Cross-Site Scripting attack
    from file:///usr/share/indexhtml/index.html to http://start.mageia.org.
    Suspicious data:
    (URL)
    http://start.mageia.org/?p=vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default&l=en


    What url did you enter, and using which browser?

    The above http://start.mageia.org url also gives me the NoScript warning.
    $ firefox --version
    Mozilla Firefox 74.0

    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/0@fidonet)
  • From David W. Hodgins@2:250/0 to All on Mon Mar 16 02:02:31 2020
    On Sun, 15 Mar 2020 21:53:57 -0400, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:

    On Sun, 15 Mar 2020 21:17:47 -0400, faeychild <faeychild@nomail.afraid.org>
    wrote:

    Although I suspect that NoScript is just being paranoid
    This from the Mageia site
    *************************
    NoScript detected a potential Cross-Site Scripting attack
    from file:///usr/share/indexhtml/index.html to http://start.mageia.org.
    Suspicious data:
    (URL)
    http://start.mageia.org/?p=vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default&l=en
    **********************************8
    Not all that suspicious Just curious mainly

    What url did you enter, and using which browser?

    Using firefox on Mageia 7, I'm not seeing any noscript warnings on https://www.mageia.org, or http://www.mageia.org/en/downloads/, or any of
    the other pages I checked.

    Ah. I missed that it was the file from the indexhtml package being loaded. Confirmed the noscript warning is present when loading the file into firefox. Not sure how this should be handled.

    I'll forward a copy of this message to the atelier-discuss@ml.mageia.org mailing
    list.

    Regards, Dave Hodgins

    --
    Change dwhodgins@nomail.afraid.org to davidwhodgins@teksavvy.com for
    email replies.

    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/0@fidonet)
  • From faeychild@2:250/0 to All on Mon Mar 16 04:45:37 2020
    On 16/3/20 1:02 pm, David W. Hodgins wrote:

    Using firefox on Mageia 7, I'm not seeing any noscript warnings on
    https://www.mageia.org, or http://www.mageia.org/en/downloads/, or any of
    the other pages I checked.

    Ah. I missed that it was the file from the indexhtml package being loaded. Confirmed the noscript warning is present when loading the file into firefox.
    Not sure how this should be handled.

    I'll forward a copy of this message to the atelier-discuss@ml.mageia.org mailing
    list.

    Regards, Dave Hodgins


    I allowed an update today and Firefox was included.
    After rebooting, this warning from Noscript popped up when I restarted
    Firefox

    Maybe NoScript is being extra picky. I am not concerned :-)

    Better to be picky than tardy

    regards

    --
    faeychild
    Running plasmashell 5.15.4 on 5.5.9-desktop-1.mga7 kernel.
    Mageia release 7 (Official) for x86_64 installed via Mageia-7-x86_64-DVD.iso


    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/0@fidonet)
  • From William Unruh@2:250/0 to All on Mon Mar 16 06:31:50 2020
    On 2020-03-16, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
    On Sun, 15 Mar 2020 21:53:57 -0400, David W. Hodgins
    <dwhodgins@nomail.afraid.org> wrote:

    On Sun, 15 Mar 2020 21:17:47 -0400, faeychild <faeychild@nomail.afraid.org> wrote:

    Although I suspect that NoScript is just being paranoid
    This from the Mageia site
    *************************
    NoScript detected a potential Cross-Site Scripting attack
    from file:///usr/share/indexhtml/index.html to http://start.mageia.org.
    Suspicious data:
    (URL)
    http://start.mageia.org/?p=vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default&l=en
    **********************************8
    Not all that suspicious Just curious mainly

    What url did you enter, and using which browser?

    Using firefox on Mageia 7, I'm not seeing any noscript warnings on
    https://www.mageia.org, or http://www.mageia.org/en/downloads/, or any of
    the other pages I checked.

    Ah. I missed that it was the file from the indexhtml package being loaded. Confirmed the noscript warning is present when loading the file into
    firefox.
    Not sure how this should be handled.

    I'll forward a copy of this message to the atelier-discuss@ml.mageia.org
    mailing
    list.

    It seems that the purpose of Noscript is to stop all Java/Javascript/...
    from running, unless you whitelist the web page. This would seem to be a Javascript. So either the user or Mageia in its installation would have
    to whitelist this page.


    Regards, Dave Hodgins


    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/0@fidonet)
  • From Bit Twister@2:250/0 to All on Mon Mar 16 06:36:32 2020
    On Mon, 16 Mar 2020 06:31:50 -0000 (UTC), William Unruh wrote:
    On 2020-03-16, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
    On Sun, 15 Mar 2020 21:53:57 -0400, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:

    On Sun, 15 Mar 2020 21:17:47 -0400, faeychild <faeychild@nomail.afraid.org> wrote:

    Although I suspect that NoScript is just being paranoid
    This from the Mageia site
    *************************
    NoScript detected a potential Cross-Site Scripting attack
    from file:///usr/share/indexhtml/index.html to http://start.mageia.org.
    Suspicious data:
    (URL)
    http://start.mageia.org/?p=vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default&l=en
    **********************************8
    Not all that suspicious Just curious mainly

    What url did you enter, and using which browser?

    Using firefox on Mageia 7, I'm not seeing any noscript warnings on
    https://www.mageia.org, or http://www.mageia.org/en/downloads/, or any of
    the other pages I checked.

    Ah. I missed that it was the file from the indexhtml package being loaded.
    Confirmed the noscript warning is present when loading the file into firefox.
    Not sure how this should be handled.

    I'll forward a copy of this message to the atelier-discuss@ml.mageia.org mailing
    list.

    It seems that the purpose of Noscript is to stop all Java/Javascript/...
    from running,

    I can understand Faeychild's concern, I hit lots of sites and this
    was the first time I have seen the noscript message.

    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/0@fidonet)
  • From Jim Beard@2:250/0 to All on Mon Mar 16 14:26:51 2020
    On Mon, 16 Mar 2020 01:36:32 -0500, Bit Twister wrote:

    On Mon, 16 Mar 2020 06:31:50 -0000 (UTC), William Unruh wrote:
    On 2020-03-16, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
    On Sun, 15 Mar 2020 21:53:57 -0400, David W. Hodgins
    <dwhodgins@nomail.afraid.org> wrote:

    On Sun, 15 Mar 2020 21:17:47 -0400, faeychild
    <faeychild@nomail.afraid.org> wrote:

    Although I suspect that NoScript is just being paranoid This from
    the Mageia site *************************
    NoScript detected a potential Cross-Site Scripting attack from
    file:///usr/share/indexhtml/index.html to http://start.mageia.org.
    Suspicious data:
    (URL)
    http://start.mageia.org/?p=vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default&l=en
    **********************************8 Not all that suspicious Just
    curious mainly

    What url did you enter, and using which browser?

    Using firefox on Mageia 7, I'm not seeing any noscript warnings on
    https://www.mageia.org, or http://www.mageia.org/en/downloads/, or
    any of the other pages I checked.

    Ah. I missed that it was the file from the indexhtml package being
    loaded.
    Confirmed the noscript warning is present when loading the file into
    firefox.
    Not sure how this should be handled.

    I'll forward a copy of this message to the
    atelier-discuss@ml.mageia.org mailing list.

    It seems that the purpose of Noscript is to stop all
    Java/Javascript/...
    from running,

    I can understand Faeychild's concern, I hit lots of sites and this was
    the first time I have seen the noscript message.

    The notice depends on your noscript settings, and on whether you tell
    noscript to tell you about potential cross-site scripting.

    I abhor animation when I am trying to read articles or papers, and news websites are loaded with cross-site scripts that deliver animated ads. Privoxy, browser settings, and for firefox noscript are used to control
    such. If all that does not work, I generally avoid the offending website.

    Cheers!

    jim b.

    --
    UNIX is not user-unfriendly, it merely expects users to be computer-
    friendly.

    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (2:250/0@fidonet)
  • From marc@2:250/0 to All on Mon Mar 16 15:07:20 2020
    After an update for Firefox last September, I reported more or less the
    same warning from NoScript on the Mageia website.

    The answer of Dokter5000 was: why worry, put the url in the exception
    list of NoScript.

    https://forums.mageia.org/en/viewtopic.php?f=4&t=13046&p=76454&hilit=noscript#p76453

    Cheers,
    Marc


    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: Air Applewood, The Linux Gateway to the UK & Eire (2:250/0@fidonet)
  • From Doug Laidlaw@2:250/1 to All on Wed Mar 18 08:50:48 2020
    On 16/3/20 12:17 pm, faeychild wrote:


    Although I suspect that NoScript is just being paranoid

    This from the Mageia site

    *************************

    NoScript detected a potential Cross-Site Scripting attack

    from file:///usr/share/indexhtml/index.html to http://start.mageia.org.

    Suspicious data:

    (URL)

    http://start.mageia.org/?p=vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default&l=en


    **********************************8

    Not all that suspicious Just curious mainly


    I have the same file. Here is the code:

    <!DOCTYPE html>
    <html lang="en">
    <head>
    <meta charset="utf-8">
    <meta http-equiv="Pragma" content="no-cache">
    <meta http-equiv="Expires" content="0">
    <meta http-equiv="Cache-Control" content="no-cache">
    <meta name="product:id" content="vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default">
    <title>Mageia</title>
    <style>
    html { margin: 0; background-color: #e6e4e0; }
    body { margin: 0 auto; padding: 0 0 2em 0; width: 810px;
    text-align: center; }
    a { text-decoration: none; }
    h1 { margin: 0 0 2em 0; }
    img { border: 0; }
    </style>
    <base href="/usr/share/indexhtml/">
    <script type="text/javascript" src="script.js"></script>
    </head>
    <body onload="try{new StartPage('http://start.mageia.org/').run();}catch(e){}">
    <h1><a href="http://start.mageia.org/?ssp"><img src="images/logo_mageia.png" alt="Mageia"></a></h1>
    </body>
    </html>

    I was told once, that the browser will automatically add a "/"
    My guess is, that if a user types indexhtml in a browser, that becomes http://indexhtml/, and is automatically redirected to index.html by the
    script that is mentioned.

    --- MBSE BBS v1.0.7.13 (GNU/Linux-x86_64)
    * Origin: Aioe.org NNTP Server (2:250/1@fidonet)
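
An added example, not part of any post in the thread and not Mageia's code: it relates the URL in the NoScript warning to the index.html quoted above by rebuilding the request from the page's `product:id` meta value and reporting what a reviewer would check about it (source and destination origin, cleartext transport, which fields are sent). The thread does not show script.js, so `buildStartUrl` and the `l=en` locale are assumptions taken from the warning text.

```javascript
// Constructed from the index.html quoted in the thread; script.js is not shown
// there, so buildStartUrl() is an assumed reconstruction, not Mageia's code.
const INDEX_HTML = `
<meta name="product:id" content="vendor=Mageia.Org,distribution=Mageia,type=Basic,version=7,branch=Official,release=7,arch=x86_64,product=Default">
<body onload="try{new StartPage('http://start.mageia.org/').run();}catch(e){}">`;
const SOURCE = 'file:///usr/share/indexhtml/index.html';

// Pull the product:id meta value out of the page.
function productId(html) {
  const m = /<meta\s+name="product:id"\s+content="([^"]*)"/i.exec(html);
  return m ? m[1] : null;
}

// Assumed: the product id is appended as p= and the locale as l=, without
// percent-encoding, which is the shape of the URL in the warning.
function buildStartUrl(base, html, lang) {
  return `${base}?p=${productId(html)}&l=${lang}`;
}

// Describe the request the way the warning does: where it comes from,
// where it goes, and what page-derived data rides along in the query.
function describeRequest(source, target) {
  const src = new URL(source);
  const dst = new URL(target);
  const p = dst.searchParams.get('p') || '';
  return {
    from: src.protocol === 'file:' ? 'file://' : src.origin,
    to: dst.origin,
    crossOrigin: src.protocol !== dst.protocol || src.host !== dst.host,
    cleartext: dst.protocol === 'http:',
    // Nested key=value pairs carried inside the single p parameter.
    fields: Object.fromEntries(
      p.split(',').filter(Boolean).map((kv) => kv.split('='))),
  };
}

const url = buildStartUrl('http://start.mageia.org/', INDEX_HTML, 'en');
const report = describeRequest(SOURCE, url);
console.log(url);
console.log(report);
```

The rebuilt URL is character-for-character the one NoScript reported, so the "suspicious data" is the distribution metadata from the local file, sent from a `file://` page to a remote host over plain HTTP.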