Ok, anche se abiliti " Consenti script a livello globale (pericoloso) ", che non è raccomandato, ma dice chiaramente che è pericoloso , NoScript ti proteggerà da XSS.
Ho caricato file php vulnerabili sul mio server, abilitato " Consenti script a livello globale (pericoloso) ", dopo che NoScript mi ha dato un avvertimento:
NoScript filtered a potential cross-site scripting (XSS) attempt from
...
Se apri la console, vedrai NoScript InjectionChecker
[NoScript InjectionChecker] Iniezione HTML:
<script
matches <[^\w<>]*(?:[^<>"'\s]*:)?[^\w<>]*(?:\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?c\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?p\W*(?:\/[*/][\s\S]*)?t|\W*(?:\/[*/][\s\S]*)?f\W*(?:\/[*/][\s\S]*)?o\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?m|\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?t\W*(?:\/[*/][\s\S]*)?y\W*(?:\/[*/][\s\S]*)?l\W*(?:\/[*/][\s\S]*)?e|\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?v\W*(?:\/[*/][\s\S]*)?g|\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?q\W*(?:\/[*/][\s\S]*)?u\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?e|(?:\W*(?:\/[*/][\s\S]*)?l\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?k|\W*(?:\/[*/][\s\S]*)?o\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?j\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?c\W*(?:\/[*/][\s\S]*)?t|\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?d|\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?p\W*(?:\/[*/][\s\S]*)?p\W*(?:\/[*/][\s\S]*)?l\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?t|\W*(?:\/[*/][\s\S]*)?p\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?m|\W*(?:\/[*/][\s\S]*)?i?\W*(?:\/[*/][\s\S]*)?f\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?e|\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?e|\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?o\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?y|\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?t\W*(?:\/[*/][\s\S]*)?a|\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?a?\W*(?:\/[*/][\s\S]*)?g\W*(?:\/[*/][\s\S]*)?e?|\W*(?:\/[*/][\s\S]*)?v\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?o|\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?u\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?o|\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?g\W*(?:\/[*/][\s\S]*)?s|\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?t|\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?x|\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?t\W*(?:\/[*/][\s\S]*)?e)[^>\w])|['"\s<script
matches <[^\w<>]*(?:[^<>"'\s]*:)?[^\w<>]*(?:\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?c\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?p\W*(?:\/[*/][\s\S]*)?t|\W*(?:\/[*/][\s\S]*)?f\W*(?:\/[*/][\s\S]*)?o\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?m|\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?t\W*(?:\/[*/][\s\S]*)?y\W*(?:\/[*/][\s\S]*)?l\W*(?:\/[*/][\s\S]*)?e|\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?v\W*(?:\/[*/][\s\S]*)?g|\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?q\W*(?:\/[*/][\s\S]*)?u\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?e|(?:\W*(?:\/[*/][\s\S]*)?l\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?k|\W*(?:\/[*/][\s\S]*)?o\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?j\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?c\W*(?:\/[*/][\s\S]*)?t|\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?d|\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?p\W*(?:\/[*/][\s\S]*)?p\W*(?:\/[*/][\s\S]*)?l\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?t|\W*(?:\/[*/][\s\S]*)?p\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?m|\W*(?:\/[*/][\s\S]*)?i?\W*(?:\/[*/][\s\S]*)?f\W*(?:\/[*/][\s\S]*)?r\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?e|\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?e|\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?o\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?y|\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?t\W*(?:\/[*/][\s\S]*)?a|\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?a?\W*(?:\/[*/][\s\S]*)?g\W*(?:\/[*/][\s\S]*)?e?|\W*(?:\/[*/][\s\S]*)?v\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?o|\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?u\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?o|\W*(?:\/[*/][\s\S]*)?b\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?g\W*(?:\/[*/][\s\S]*)?s|\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?t|\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?s\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?d\W*(?:\/[*/][\s\S]*)?e\W*(?:\/[*/][\s\S]*)?x|\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?n\W*(?:\/[*/][\s\S]*)?i\W*(?:\/[*/][\s\S]*)?m\W*(?:\/[*/][\s\S]*)?a\W*(?:\/[*/][\s\S]*)?t\W*(?:\/[*/][\s\S]*)?e)[^>\w])|['"\s%pre%/](?:formaction|style|background|src|lowsrc|ping|on(?:m(?:o(?:z(?:browser(?:beforekey(?:down|up)|afterkey(?:down|up))|(?:network(?:down|up)loa|accesskeynotfoun)d|pointerlock(?:change|error)|(?:orientation|time)change|fullscreen(?:change|error)|interrupt(?:begin|end)|key(?:down|up)onplugin)|use(?:(?:lea|mo)ve|o(?:ver|ut)|enter|wheel|down|up)|ve(?:start|end)?)|a(?:p(?:se(?:tmessagestatus|ndmessage)|message(?:slisting|update)|folderlisting|getmessage)req|rk)|essage)|c(?:o(?:n(?:nect(?:i(?:on(?:statechanged|available)|ng)|ed)?|t(?:rol(?:lerchange|select)|extmenu)|figurationchange)|m(?:p(?:osition(?:update|start|end)|lete)|mand(?:update)?)|py)|h(?:a(?:r(?:ging(?:time)?change|acteristicchanged)|nge)|ecking)|a(?:n(?:play(?:through)?|cel)|(?:llschang|ch)ed|rdstatechange)|u(?:rrent(?:channel|source)changed|echange|t)|l(?:i(?:rmodechange|ck)|ose)|(?:fstate|ell)change)|p(?:o(?:inter(?:l(?:ock(?:change|error)|eave)|o(?:ver|ut)|cancel|enter|down|move|up)|p(?:up(?:hid(?:den|ing)|show(?:ing|n))|state)|ster)|a(?:i(?:ring(?:con(?:firmation|sent)req|aborted)|nt)|ge(?:hide|show)|(?:st|us)e)|u(?:ll(?:vcard(?:listing|entry)|phonebook)req|sh(?:subscriptionchange)?)|r(?:o(?:pertychange|gress)|eviewstatechange)|(?:(?:ending|ty|s)chang|ic(?:hang|tur))e|lay(?:ing)?|hoto)|d(?:e(?:vice(?:p(?:roximity|aired)|(?:orienta|mo)tion|(?:unpaire|foun)d|change|light)|l(?:ivery(?:success|error)|eted)|activate)|i(?:s(?:c(?:hargingtimechange|onnect(?:ing|ed)?)|playpasskeyreq|abled)|aling)|r(?:a(?:g(?:e(?:n(?:ter|d)|xit)|(?:gestur|leav)e|start|drop|over)?|in)|op)|ata(?:setc(?:omplete|hanged)|(?:availabl|chang)e|error)?|urationchange|ownloading|blclick)|s(?:t(?:a(?:t(?:uschanged|echange)|lled|rt)|o(?:rage(?:areachanged)?|p)|k(?:sessione|comma)nd)|e(?:lect(?:ionchange|start)?|ek(?:ing|ed)|n(?:ding|t)|t)|ou(?:rce(?:(?:clos|end)ed|open)|nd(?:start|end))|c(?:(?:anningstate|ostatus)changed|roll)|pe(?:akerforcedchange|ech(?:start|end))|u(?:ccess|spend|bmit)|h(?:utter|ow))|r(?:e(?:s(?:ourcetimingbufferfull|u(?:m(?:ing|e)|lt)|ize|et)|mo(?:ve(?:sourcebuffer|track)|te(?:resume|hel)d)|ad(?:y(?:statechange)?|success|error)|c(?:orderstatechange|eived)|questmediaplaystatus|pea(?:tEven)?t|loadpage|trieving)|ow(?:s(?:inserted|delete)|e(?:nter|xit))|(?:(?:adiost)?ate|t)change|ds(?:dis|en)abled)|a(?:n(?:imation(?:iteration|start|end)|tennaavailablechange)|d(?:d(?:sourcebuffer|track)|apter(?:remov|add)ed)|ttribute(?:(?:write|read)req|changed)|fter(?:(?:scriptexecu|upda)te|print)|b(?:solutedeviceorientation|ort)|ctiv(?:estatechanged|ate)|udio(?:process|start|end)|2dpstatuschanged|lerting)|Moz(?:S(?:wipeGesture(?:(?:May)?Start|Update|End)?|crolledAreaChanged)|M(?:agnifyGesture(?:Update|Start)?|ouse(?:PixelScroll|Hittest))|EdgeUI(?:C(?:omplet|ancel)|Start)ed|RotateGesture(?:Update|Start)?|(?:Press)?TapGesture|AfterPaint)|b(?:e(?:for(?:e(?:(?:scriptexecu|activa)te|e(?:ditfocus|victed)|u(?:nload|pdate)|p(?:aste|rint)|c(?:opy|ut))|deactivate)|gin(?:Event)?)|u(?:fferedamountlow|sy)|oun(?:dary|ce)|l(?:ocked|ur)|roadcast)|DOM(?:Node(?:Inserted(?:IntoDocument)?|Removed(?:FromDocument)?)|(?:CharacterData|Subtree)Modified|A(?:ttrModified|ctivate)|Focus(?:Out|In)|MouseScroll)|w(?:eb(?:kit(?:Animation(?:Iteration|Start|End)|animation(?:iteration|start|end)|(?:TransitionE|transitione)nd)|socket)|a(?:it|rn)ing|heel)|e(?:n(?:ter(?:pincodereq)?|(?:crypt|abl)ed|d(?:Event|ed)?)|m(?:ergencycbmodechange|ptied)|(?:itbroadcas|vic)ted|rror(?:update)?|xit)|f(?:o(?:rm(?:change|input)|cus(?:out|in)?)|ullscreen(?:change|error)|i(?:lterchange|nish)|a(?:cesdetect|il)ed|requencychange|etch)|l(?:o(?:ad(?:e(?:d(?:meta)?data|nd)|ing(?:error|done)?|start)?|s(?:tpointer|e)capture)|(?:anguage|evel)change|y)|o(?:(?:(?:rientation|tastatus)chang|(?:ff|n)lin)e|b(?:expasswordreq|solete)|verflow(?:changed)?|pen)|t(?:o(?:uch(?:cancel|start|move|end)|ggle)|ime(?:update|out)|e(?:rminate|xt)|ransitionend|ypechange)|u(?:p(?:date(?:(?:fou|e)nd|ready|start)?|gradeneeded)|s(?:erproximity|sdreceived)|n(?:derflow|load))|v(?:rdisplay(?:(?:dis)?connect|presentchange)|o(?:ice(?:schanged|change)|lumechange)|ersionchange)|g(?:amepad(?:(?:dis)?connected|button(?:down|up)|axismove)|(?:otpointercaptur|roupchang)e|et)|h(?:e(?:adphoneschange|l[dp])|(?:fp|id)statuschanged|ashchange|olding)|i(?:cc(?:(?:info)?change|(?:un)?detected)|n(?:coming|stall|valid|put))|n(?:o(?:tificationcl(?:ick|ose)|update|match)|ewrdsgroup)|SVG(?:(?:Unl|L)oad|Resize|Scroll|Zoom)|key(?:press|down|up)|(?:AppComman|Loa)d|Request|zoom))[\s%pre%]*=
[NoScript XSS] Blocked susspisious request: [https://-mywebsite-/index.php?name=%22%3E%3Cscript%3Ealert(xss);%3C/script%3E]
/](?:formaction|style|background|src|lowsrc|ping|on(?:m(?:o(?:z(?:browser(?:beforekey(?:down|up)|afterkey(?:down|up))|(?:network(?:down|up)loa|accesskeynotfoun)d|pointerlock(?:change|error)|(?:orientation|time)change|fullscreen(?:change|error)|interrupt(?:begin|end)|key(?:down|up)onplugin)|use(?:(?:lea|mo)ve|o(?:ver|ut)|enter|wheel|down|up)|ve(?:start|end)?)|a(?:p(?:se(?:tmessagestatus|ndmessage)|message(?:slisting|update)|folderlisting|getmessage)req|rk)|essage)|c(?:o(?:n(?:nect(?:i(?:on(?:statechanged|available)|ng)|ed)?|t(?:rol(?:lerchange|select)|extmenu)|figurationchange)|m(?:p(?:osition(?:update|start|end)|lete)|mand(?:update)?)|py)|h(?:a(?:r(?:ging(?:time)?change|acteristicchanged)|nge)|ecking)|a(?:n(?:play(?:through)?|cel)|(?:llschang|ch)ed|rdstatechange)|u(?:rrent(?:channel|source)changed|echange|t)|l(?:i(?:rmodechange|ck)|ose)|(?:fstate|ell)change)|p(?:o(?:inter(?:l(?:ock(?:change|error)|eave)|o(?:ver|ut)|cancel|enter|down|move|up)|p(?:up(?:hid(?:den|ing)|show(?:ing|n))|state)|ster)|a(?:i(?:ring(?:con(?:firmation|sent)req|aborted)|nt)|ge(?:hide|show)|(?:st|us)e)|u(?:ll(?:vcard(?:listing|entry)|phonebook)req|sh(?:subscriptionchange)?)|r(?:o(?:pertychange|gress)|eviewstatechange)|(?:(?:ending|ty|s)chang|ic(?:hang|tur))e|lay(?:ing)?|hoto)|d(?:e(?:vice(?:p(?:roximity|aired)|(?:orienta|mo)tion|(?:unpaire|foun)d|change|light)|l(?:ivery(?:success|error)|eted)|activate)|i(?:s(?:c(?:hargingtimechange|onnect(?:ing|ed)?)|playpasskeyreq|abled)|aling)|r(?:a(?:g(?:e(?:n(?:ter|d)|xit)|(?:gestur|leav)e|start|drop|over)?|in)|op)|ata(?:setc(?:omplete|hanged)|(?:availabl|chang)e|error)?|urationchange|ownloading|blclick)|s(?:t(?:a(?:t(?:uschanged|echange)|lled|rt)|o(?:rage(?:areachanged)?|p)|k(?:sessione|comma)nd)|e(?:lect(?:ionchange|start)?|ek(?:ing|ed)|n(?:ding|t)|t)|ou(?:rce(?:(?:clos|end)ed|open)|nd(?:start|end))|c(?:(?:anningstate|ostatus)changed|roll)|pe(?:akerforcedchange|ech(?:start|end))|u(?:ccess|spend|bmit)|h(?:utter|ow))|r(?:e(?:s(?:ourcetimingbufferfull|u(?:m(?:ing|e)|lt)|ize|et)|mo(?:ve(?:sourcebuffer|track)|te(?:resume|hel)d)|ad(?:y(?:statechange)?|success|error)|c(?:orderstatechange|eived)|questmediaplaystatus|pea(?:tEven)?t|loadpage|trieving)|ow(?:s(?:inserted|delete)|e(?:nter|xit))|(?:(?:adiost)?ate|t)change|ds(?:dis|en)abled)|a(?:n(?:imation(?:iteration|start|end)|tennaavailablechange)|d(?:d(?:sourcebuffer|track)|apter(?:remov|add)ed)|ttribute(?:(?:write|read)req|changed)|fter(?:(?:scriptexecu|upda)te|print)|b(?:solutedeviceorientation|ort)|ctiv(?:estatechanged|ate)|udio(?:process|start|end)|2dpstatuschanged|lerting)|Moz(?:S(?:wipeGesture(?:(?:May)?Start|Update|End)?|crolledAreaChanged)|M(?:agnifyGesture(?:Update|Start)?|ouse(?:PixelScroll|Hittest))|EdgeUI(?:C(?:omplet|ancel)|Start)ed|RotateGesture(?:Update|Start)?|(?:Press)?TapGesture|AfterPaint)|b(?:e(?:for(?:e(?:(?:scriptexecu|activa)te|e(?:ditfocus|victed)|u(?:nload|pdate)|p(?:aste|rint)|c(?:opy|ut))|deactivate)|gin(?:Event)?)|u(?:fferedamountlow|sy)|oun(?:dary|ce)|l(?:ocked|ur)|roadcast)|DOM(?:Node(?:Inserted(?:IntoDocument)?|Removed(?:FromDocument)?)|(?:CharacterData|Subtree)Modified|A(?:ttrModified|ctivate)|Focus(?:Out|In)|MouseScroll)|w(?:eb(?:kit(?:Animation(?:Iteration|Start|End)|animation(?:iteration|start|end)|(?:TransitionE|transitione)nd)|socket)|a(?:it|rn)ing|heel)|e(?:n(?:ter(?:pincodereq)?|(?:crypt|abl)ed|d(?:Event|ed)?)|m(?:ergencycbmodechange|ptied)|(?:itbroadcas|vic)ted|rror(?:update)?|xit)|f(?:o(?:rm(?:change|input)|cus(?:out|in)?)|ullscreen(?:change|error)|i(?:lterchange|nish)|a(?:cesdetect|il)ed|requencychange|etch)|l(?:o(?:ad(?:e(?:d(?:meta)?data|nd)|ing(?:error|done)?|start)?|s(?:tpointer|e)capture)|(?:anguage|evel)change|y)|o(?:(?:(?:rientation|tastatus)chang|(?:ff|n)lin)e|b(?:expasswordreq|solete)|verflow(?:changed)?|pen)|t(?:o(?:uch(?:cancel|start|move|end)|ggle)|ime(?:update|out)|e(?:rminate|xt)|ransitionend|ypechange)|u(?:p(?:date(?:(?:fou|e)nd|ready|start)?|gradeneeded)|s(?:erproximity|sdreceived)|n(?:derflow|load))|v(?:rdisplay(?:(?:dis)?connect|presentchange)|o(?:ice(?:schanged|change)|lumechange)|ersionchange)|g(?:amepad(?:(?:dis)?connected|button(?:down|up)|axismove)|(?:otpointercaptur|roupchang)e|et)|h(?:e(?:adphoneschange|l[dp])|(?:fp|id)statuschanged|ashchange|olding)|i(?:cc(?:(?:info)?change|(?:un)?detected)|n(?:coming|stall|valid|put))|n(?:o(?:tificationcl(?:ick|ose)|update|match)|ewrdsgroup)|SVG(?:(?:Unl|L)oad|Resize|Scroll|Zoom)|key(?:press|down|up)|(?:AppComman|Loa)d|Request|zoom))[\s%pre%]*=
[NoScript XSS] Blocked susspisious request: [https://-mywebsite-/index.php?name=%22%3E%3Cscript%3Ealert(xss);%3C/script%3E]
Questo filtro funziona anche se disponi di tale sito web nella whitelist.