Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Why do recent NoScript versions prevent me from using XMLHttpRequest in the Firebug console on untrusted sites?

console firebug noscript recent sites untrusted versions XMLHttpRequest
0
Posted

Why do recent NoScript versions prevent me from using XMLHttpRequest in the Firebug console on untrusted sites?

0 CommentsAdd a Comment

1 Answer

0

Firebug uses various hacks to allow JavaScript interactive execution for web developers in the “apparent” context of sites where JavaScript is otherwise disabled (e.g. by NoScript). Unfortunately one of these hacks, which allows XMLHttpRequest usage, doesn’t work if the noscript.forbidData about:config preference is set to true. Just toggle it to false and Firebug will fully work again. Notice that this change doesn’t imply any special security weakening, as long as XSS protection is kept enabled.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123