We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

When log into ANZ.com, faced with a Noscript XSS (ANZ) script warning by Noscript, which offers me to either save the file, or open, or cancel, what to do?

  • 1 (رد واحد)
  • 1 has this problem
  • 3 views
  • آخر ردّ كتبه Andrew

more options

When I open the ANZ.com website (and I have Noscript operating), Noscript identifies a XSS javascript (written by ANZ as part of its new internet banking website).

When I go to log in the login window pops up but within up to 50 seconds stalls then a javascript XSS warning shows (with a source from https://waf1x.anz.com). That window offers me a choice of (a) saving the javascript as a file, (b) opening the javascript with a program of my(?) choice, or cancelling the error window. The ANZ site becomes very sluggish until I cancel the error window, though even afterwards it is still slow.

The Javascript is " ... javascript__(function(){function i(){if(typeof XMLHttpRequest!='undefined'){return new XMLHttpRequest()}try{return new ActiveXObject(_Msxml2.XMLHTTP_)}catch(e){try{return new ActiveXObject(_Microsoft.XMLHTTP_)}catch(e){}}}function j(a){if(typeof(a)==_string_) ... "

How should I set up Firefox or Noscript to deal with the ANZ XSS script?

When I open the ANZ.com website (and I have Noscript operating), Noscript identifies a XSS javascript (written by ANZ as part of its new internet banking website). When I go to log in the login window pops up but within up to 50 seconds stalls then a javascript XSS warning shows (with a source from https://waf1x.anz.com). That window offers me a choice of (a) saving the javascript as a file, (b) opening the javascript with a program of my(?) choice, or cancelling the error window. The ANZ site becomes very sluggish until I cancel the error window, though even afterwards it is still slow. The Javascript is " ... javascript__(function(){function i(){if(typeof XMLHttpRequest!='undefined'){return new XMLHttpRequest()}try{return new ActiveXObject(_Msxml2.XMLHTTP_)}catch(e){try{return new ActiveXObject(_Microsoft.XMLHTTP_)}catch(e){}}}function j(a){if(typeof(a)==_string_) ... " How should I set up Firefox or Noscript to deal with the ANZ XSS script?

All Replies (1)

more options

reldepad said

When I open the ANZ.com website (and I have Noscript operating), Noscript identifies a XSS javascript (written by ANZ as part of its new internet banking website). When I go to log in the login window pops up but within up to 50 seconds stalls then a javascript XSS warning shows (with a source from https://waf1x.anz.com). That window offers me a choice of (a) saving the javascript as a file, (b) opening the javascript with a program of my(?) choice, or cancelling the error window. The ANZ site becomes very sluggish until I cancel the error window, though even afterwards it is still slow. The Javascript is " ... javascript__(function(){function i(){if(typeof XMLHttpRequest!='undefined'){return new XMLHttpRequest()}try{return new ActiveXObject(_Msxml2.XMLHTTP_)}catch(e){try{return new ActiveXObject(_Microsoft.XMLHTTP_)}catch(e){}}}function j(a){if(typeof(a)==_string_) ... " How should I set up Firefox or Noscript to deal with the ANZ XSS script?