Hello,
since yesterday evening, when I browse on KofK my NoScript is giving me a cross-site scripting warning on every page.
Here's the console output of noscript:
Spoiler
Code: Select all
[NoScript InjectionChecker] JavaScript Injection in ///u/0/se/0/_/ 1/fastbutton?usegapi=1&size=medium&origin=https://kofk.de&url=https://plus.google.com/101378544587147772429&gsrc=3p&ic=1&jsh=m;/_/scs/apps-static/_/js/k=oz.gapi.de.bjUzSw-xmIo.O/m=__features__/am=AQ/rt=j/d=1/rs=AGLTcCPGenVj7K3BD2rGooDHpdW09GWKIw#_methods=onPlusOne,_ready,_close,_open,_resizeMe,_renderstart,oncircled,drefresh,erefresh&id=I0_1500036166239&parent=https://kofk.de&pfname=&rpctoken=24087801
(function anonymous(
) {
_/scs/apps-static/_/js/k==oz.gapi.de.bjUzSw-xmIo.O/m==__features__
})
[NoScript XSS] Eine verdächtige Anfrage wurde bereinigt. Original-URL [https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fkofk.de&url=https%3A%2F%2Fplus.google.com%2F101378544587147772429&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.bjUzSw-xmIo.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPGenVj7K3BD2rGooDHpdW09GWKIw#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1500036166239&parent=https%3A%2F%2Fkofk.de&pfname=&rpctoken=24087801] angefordert von [https://kofk.de/findex.php]. Bereinigte URL: [https://apis.google.com/#7370956821011031378].
[NoScript InjectionChecker] JavaScript Injection in ///o/oauth2/postmessageRelay?parent=https://kofk.de&jsh=m;/_/scs/apps-static/_/js/k=oz.gapi.de.bjUzSw-xmIo.O/m=__features__/am=AQ/rt=j/d=1/rs=AGLTcCPGenVj7K3BD2rGooDHpdW09GWKIw#rpctoken=439843192&forcesecure=1
(function anonymous(
) {
_/scs/apps-static/_/js/k==oz.gapi.de.bjUzSw-xmIo.O/m==__features__
})
[NoScript XSS] Eine verdächtige Anfrage wurde bereinigt. Original-URL [https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkofk.de&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.bjUzSw-xmIo.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPGenVj7K3BD2rGooDHpdW09GWKIw#rpctoken=439843192&forcesecure=1] angefordert von [https://kofk.de/findex.php]. Bereinigte URL: [https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fkofk.de&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%20oz.gapi.de.bjUzSw-xmIo.O%2Fm%20__features__%2Fam%20AQ%2Frt%20j%2Fd%201%2Frs%20AGLTcCPGenVj7K3BD2rGooDHpdW09GWKIw#3895872973395461752].
To me it looks like something weird is going on with the google plus button.
Not sure if there's anything you can do about it, but since it persisted until today I thought I'd let you know.
(1) 
(0)
