hackademix / noscript

The popular NoScript Security Suite browser extension.
https://noscript.net/
GNU General Public License v3.0

XSS Protection: False positive if a website wants to create a Google Calendar date with special characters like ẞ ß Ä Ö Ü ö ä ü #167

Open MartinX3 opened 3 years ago

MartinX3 commented 3 years ago

Access to https://calendar.google.com/calendar/u/0/r/eventedit?parametersForDate is blocked if XSS protection is active, and I get no prompt asking whether I want to allow it.

The only workaround is to globally deactivate XSS protection in the NoScript settings.

hackademix commented 3 years ago

It works for me. The most likely reason is that at some point in the past the XSS filter was triggered by some request landing on calendar.google.com and, when asked, you selected "Always block cross-site requests to calendar.google.com". You can easily find out by using NoScript Options>Export and examining the "xssUserChoices" property, and/or by using NoScript Options>Advanced>Clear XSS Choices.

MartinX3 commented 3 years ago

My xssUserChoices: {} was empty :) I also clicked the "Reset" button for XSS Choices, but there was no change in behaviour. Just a blank, loading page. :(

PS: Ah. It loads, it just takes ~5 minutes until the page has loaded, whereas it loads instantly with XSS protection deactivated.

Is there some way to debug why NoScript's XSS protection delays access to the website there?

hackademix commented 3 years ago

You can obtain verbose debugging output by checking NoScript Options>Advanced>Debug, then opening about:debugging and clicking the "Inspect" button in the NoScript entry.

Some other information which may help diagnosing this issue:

  1. Does it happen on a clean profile with just NoScript installed?
  2. Does it happen for you if you paste that URL in the navigation bar and hit [Enter], or does this need to be navigated from another website? Any website, or a specific one? Is there something I could test to reproduce it?

Thanks!

MartinX3 commented 3 years ago

Thank you for your help :)

Sadly it still seems to happen, and I think I was able to find the source of the issue. Here in Germany we use special letters like ẞßÄÖÜöäü, and it seems to loop longer until it finishes loading the page.

https://www.google.com/calendar/render?action=TEMPLATE&dates=20210712T074500Z%2F20210712T080000Z&location=ff%C3%9Faa+Raa%C3%9Fe+99%2C+99999+A%C3%B6ff&text=ff%C3%9Faa+Raa%C3%9Fe+99%2C+99999+A%C3%B6ff&details=ff%C3%9Faa+Raa%C3%9Fe+99%2C+99999+A%C3%B6ff

console-export-2021-1-14_10-38-33.txt
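The URL in the report above decodes to plain German text, which a filter must first percent-decode (the `%C3%9F` sequences are UTF-8 for ß) before inspecting. The following is an added example, not NoScript's own XSS filter or any code from this thread: it decodes each query parameter of the reported URL, notes which values contain non-ASCII characters, and runs a small set of hypothetical, bounded injection markers over the decoded text so that the harmless calendar parameters pass while an appended `<script>` parameter is flagged. The marker patterns are illustrative assumptions, not the patterns NoScript uses.

```javascript
// Added example, not NoScript code. Constructed input: the calendar URL
// posted in the issue, which carries percent-encoded UTF-8 (%C3%9F = ß).
const REPORTED_URL =
  "https://www.google.com/calendar/render?action=TEMPLATE" +
  "&dates=20210712T074500Z%2F20210712T080000Z" +
  "&location=ff%C3%9Faa+Raa%C3%9Fe+99%2C+99999+A%C3%B6ff" +
  "&text=ff%C3%9Faa+Raa%C3%9Fe+99%2C+99999+A%C3%B6ff" +
  "&details=ff%C3%9Faa+Raa%C3%9Fe+99%2C+99999+A%C3%B6ff";

// Hypothetical injection markers (assumption: not NoScript's real patterns).
// Each one is a short, bounded pattern so the scan cost stays proportional
// to the input length whatever characters the value contains.
const MARKERS = [
  /<\s*script\b/i,                    // <script ...
  /javascript\s*:/i,                  // javascript: URLs
  /\bon[a-z]{1,20}\s*=/i,             // onload= / onerror= handlers
  /<\s*(iframe|object|embed|svg)\b/i, // other active elements
];

// Decode every query parameter. URLSearchParams turns "+" into a space and
// decodes percent-encoded UTF-8 sequences into the real characters.
function decodeParams(url) {
  const out = {};
  for (const [key, value] of new URL(url).searchParams) out[key] = value;
  return out;
}

// True if the decoded value contains any character outside 7-bit ASCII.
function hasNonAscii(value) {
  return /[^\x00-\x7f]/.test(value);
}

// True if any marker matches the decoded value.
function looksLikeXss(value) {
  return MARKERS.some((re) => re.test(value));
}

// Build a per-parameter report: decoded value, non-ASCII flag, sniff verdict.
function scanUrl(url) {
  const params = decodeParams(url);
  const report = {};
  for (const key of Object.keys(params)) {
    const value = params[key];
    report[key] = {
      value,
      nonAscii: hasNonAscii(value),
      suspicious: looksLikeXss(value),
    };
  }
  return report;
}

// Names of parameters the sniff would block.
function flaggedParams(url) {
  const report = scanUrl(url);
  return Object.keys(report).filter((k) => report[k].suspicious);
}

// Stand-alone run: the reported URL passes; the same URL with an injected
// script parameter is flagged on that parameter only.
const injected =
  REPORTED_URL + "&x=" + encodeURIComponent("<script>alert(1)</script>");
console.log(scanUrl(REPORTED_URL));
console.log("flagged in reported URL:", flaggedParams(REPORTED_URL));
console.log("flagged with injection:", flaggedParams(injected));
```

Decoding before matching matters: a filter that inspects the raw percent-encoded string sees `%C3%9F` rather than ß, and a filter that decodes but then treats every non-ASCII byte sequence as a special case is where unexpected slowdowns on input like the URL above tend to come from.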

hackademix commented 3 years ago

It should be fixed in 11.1.9rc4, thanks.