How to sign in to the forum using Firefox w/ NoScript
Enthusiast - Level 2

Apparently this site uses "suspicious cross-site POST requests" according to NoScript in Firefox.

Until this changes, you'll need to tweak the NoScript settings a little in order to be able to sign into your account with NoScript XSS sanitizing enabled.  (I'll assume you've already allowed scripts from and/or - I'm pretty sure you'll need those enabled in order to use the forums at all)

1) Open your NoScript options in Firefox:

Tools -> Add-ons -> Extensions (tab) -> NoScript -> Options

2) In the NoScript options click the "Advanced" tab.

3) In the advanced tab click the "XSS" sub-tab.

4) In the "Anti-XSS Protection Exceptions" text box on the "XSS" tab add the following line:


5) Click OK and then close the Add-ons window.

6) Close your tab/window for and try again.

7) If this doesn't work you may also need to delete any cookies you have from and/or close Firefox all together and try again.


Details on the problem, how I identified it, and how I came across this solution


For the past two days I've been trying to get my account setup and running and no matter what I tried, I would always end up on a screen that said my user name and password was invalid.  To add to the confusion I was able to reset my password on the account using the "Forgot username/password" link and it STILL wouldn't work.

Then I noticed that for a split second right after I press the enter key to login there is a small notification bar at the top of the browser window.  It goes away too fast to read, but I was able to notice the "NoScript" icon on the bar before it disappeared.  So, I enabled scripts globally in NoScript and STILL had the same problem.  Disabling/Removing NoScript all together fixed the problem and I was able to login.  Of course that's not an acceptable solution, but at least I knew for sure that the problem was being caused by NoScript now.

Recalling past situations with sites not playing well with NoScript I remembered that there were NoScript messages logged in the Firefox error console (Tools -> Error console) when some actions are blocked.  So, I enabled NoScript again, tried to login, opened the error console and sure enough, there's a message saying:

[NoScript XSS] Sanitized suspicious upload

to [<some data here>]

from [<some more data here>]:

transformed into a download-only GET request.

So, I took the URL from the "to ..." section of the message and entered it into the equivalent regular expression into the exceptions and tada!  It worked!  I can now sign into the community forums and still have the protection of NoScript to keep me safe from other sites. 🙂


3 Replies
Enthusiast - Level 2

Thanks for the expert advice.  Adding the line to the Anti-XSS exception worked for me.  I still can't use my forum name and password to log in but at least I can use my one without first going through the main page.

Specialist - Level 3

Wow!  What a nice description of the issue you are having and resolution steps!  I have also passed this along to our IT folks to have a look.

Thank you for being so thorough I am sure there are others that may run into this!

Enthusiast - Level 3

Is this the same for Aurora in that all I have found just script in the Sign in box for the tablet giveaway-If there is some way for loading a screenshot as an attachment I can show you the problem I'm encountering-I'm uploading again Javascript as it says it is outdated though the Java download says it is already there. So where do I send a screenshot to show the problem I'm encountering-I typed in script in the box and this is the one thread it took me to.image