Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to stop this IE message?

Posted on 2013-06-23
12
Medium Priority
?
1,204 Views
Last Modified: 2013-06-28
Inrernet Explorer has modified this page to prevent cross site scripting.
Getting it every time on Ebay and maybe other sites.
0
Comment
Question by:nickg5
12 Comments
 
LVL 19

Accepted Solution

by:
*** Hopeleonie *** earned 740 total points
ID: 39269369
0
 
LVL 25

Author Comment

by:nickg5
ID: 39269376
It worked for Ebay but what are the disadvantages of changing it to "disable."
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 39269399
what are the disadvantages of changing it

If it is disabled then you will be open to attack from malicious site that may inject scripting.

You can leave it enabled, and then then disable it as needed, or use a more secure browser like Firefox.

Cd&
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 25

Author Comment

by:nickg5
ID: 39269586
I have to go to Ebay every day and never got that message when I used MSE.
I switched from MSE to Trend Micro Titatium and Trend Micro is quick to label a website as dangerous. Trend Micro if fine with Ebay except for that script message above and it was with IE and I do not recall getting that message before today.

So, cross site scripting should not be something new that started today and only now did IE decide to give the message.
0
 
LVL 25

Author Comment

by:nickg5
ID: 39269647
I use both IE and FF due to two hotmail accounts open at the same time.
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 39270013
Microsoft has been updating IE with the regular updates and part of the cleanup is to tighten security.

So, cross site scripting should not be something new that started today and only now did IE decide to give the message.

IE has had security issues for more than 10 years, some are still not fully addressed, and it is the least secure of the mainstream browsers. The lack of security has cost them a huge chunk of market share and to get back in the game they have to close the holes, but they cannot just do it in code like FF and Chrome because a lot of legacy applications need the security holes to work.  So they make security optional and it appears that now they have added a message about it.


Cd&
0
 
LVL 25

Author Comment

by:nickg5
ID: 39275828
If it is disabled then you will be open to attack from malicious site that may inject scripting.
..........We have Trend Micro Titanium so maybe it will catch the sites that may inject scripting. But, what is the risk of "scripting" by a malicious site?
0
 
LVL 53

Assisted Solution

by:COBOLdinosaur
COBOLdinosaur earned 740 total points
ID: 39276468
Download code that allows your computer to accept commands from a remote server that turns it your computer into a zombie on a botnet
Steal your personal information.
Use your email client to send spam
install addware
install spyware
just about anything else you can think of (and probably some you haven't)

Cd&
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 39276487
BTW Trend Micro Titanium should be able to catch injection.  I would never use anything but Kaspersky, but what you have should handle the AV tasks fine just don't switch to something weak like Norton or McAfee.

Cd&
0
 
LVL 51

Assisted Solution

by:Jackie Man
Jackie Man earned 520 total points
ID: 39283432
I think that you just need to add the websites, i.e. eBay and other websites which you trusts their security standard to the the list of trusted sites and disable XSS filter for trusted sites only.

http://www.ndm.ox.ac.uk/_asset/file/how-to-disable-xss-filter-for-trusted-sites-in-ie8.pdf
0
 
LVL 25

Author Comment

by:nickg5
ID: 39285853
Disabling was directly related to the title, but the other information is very helpful as well.
0
 
LVL 25

Author Closing Comment

by:nickg5
ID: 39285854
-
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
Suggested Courses

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question