Thread: Let users know of a way to block CSS (XSS)

It's very simple and this is the easiest way I know how to do it. Well, I've tried using XSS attacks and one thing I know is when I try executing the XSS on my firefox browser, the XSS attack never works. I kept on getting a pop-up under my address bar and it was from an add-on I had installed into Firefox. It was called No-Script.

"The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java and Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank), and provides the most powerful Anti XSS available in a browser. " - Noscript's Website



Since using this, my Firefox browser has caught attempts I've made to XSS myself. I thought this would be a useful piece of information for the community.


*I'm not providing any links to avoid trouble. If you wish to use it, download Firefox and Google Search it yourself!*



*When I was accepted, they sent me a message and said to watch out for CSS. I thought this could help and admins could spread word of this if they didn't know already*

Security Warning (CSS Hack)

Not sure if this is what they was referring to, however we have known of this particular CSS hack for some time. Thanks for the info on XSS though, I'm going to read up on it.

Originally Posted by Enigma78

Security Warning (CSS Hack)

Not sure if this is what they was referring to, however we have known of this particular CSS hack for some time. Thanks for the info on XSS though, I'm going to read up on it.

exactly.

when i first joined, i was given that link and i was like pshhhh i know all about this!

so i decided to create a thread for people who weren't familiar with just one way of blocking it