Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

How to stop this IE message?

Posted on 2013-06-23
12
1,114 Views
Last Modified: 2013-06-28
Inrernet Explorer has modified this page to prevent cross site scripting.
Getting it every time on Ebay and maybe other sites.
0
Comment
Question by:nickg5
12 Comments
 
LVL 19

Accepted Solution

by:
*** Hopeleonie *** earned 185 total points
ID: 39269369
0
 
LVL 25

Author Comment

by:nickg5
ID: 39269376
It worked for Ebay but what are the disadvantages of changing it to "disable."
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 39269399
what are the disadvantages of changing it

If it is disabled then you will be open to attack from malicious site that may inject scripting.

You can leave it enabled, and then then disable it as needed, or use a more secure browser like Firefox.

Cd&
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 25

Author Comment

by:nickg5
ID: 39269586
I have to go to Ebay every day and never got that message when I used MSE.
I switched from MSE to Trend Micro Titatium and Trend Micro is quick to label a website as dangerous. Trend Micro if fine with Ebay except for that script message above and it was with IE and I do not recall getting that message before today.

So, cross site scripting should not be something new that started today and only now did IE decide to give the message.
0
 
LVL 25

Author Comment

by:nickg5
ID: 39269647
I use both IE and FF due to two hotmail accounts open at the same time.
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 39270013
Microsoft has been updating IE with the regular updates and part of the cleanup is to tighten security.

So, cross site scripting should not be something new that started today and only now did IE decide to give the message.

IE has had security issues for more than 10 years, some are still not fully addressed, and it is the least secure of the mainstream browsers. The lack of security has cost them a huge chunk of market share and to get back in the game they have to close the holes, but they cannot just do it in code like FF and Chrome because a lot of legacy applications need the security holes to work.  So they make security optional and it appears that now they have added a message about it.


Cd&
0
 
LVL 25

Author Comment

by:nickg5
ID: 39275828
If it is disabled then you will be open to attack from malicious site that may inject scripting.
..........We have Trend Micro Titanium so maybe it will catch the sites that may inject scripting. But, what is the risk of "scripting" by a malicious site?
0
 
LVL 53

Assisted Solution

by:COBOLdinosaur
COBOLdinosaur earned 185 total points
ID: 39276468
Download code that allows your computer to accept commands from a remote server that turns it your computer into a zombie on a botnet
Steal your personal information.
Use your email client to send spam
install addware
install spyware
just about anything else you can think of (and probably some you haven't)

Cd&
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 39276487
BTW Trend Micro Titanium should be able to catch injection.  I would never use anything but Kaspersky, but what you have should handle the AV tasks fine just don't switch to something weak like Norton or McAfee.

Cd&
0
 
LVL 44

Assisted Solution

by:Jackie Man
Jackie Man earned 130 total points
ID: 39283432
I think that you just need to add the websites, i.e. eBay and other websites which you trusts their security standard to the the list of trusted sites and disable XSS filter for trusted sites only.

http://www.ndm.ox.ac.uk/_asset/file/how-to-disable-xss-filter-for-trusted-sites-in-ie8.pdf
0
 
LVL 25

Author Comment

by:nickg5
ID: 39285853
Disabling was directly related to the title, but the other information is very helpful as well.
0
 
LVL 25

Author Closing Comment

by:nickg5
ID: 39285854
-
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Google Chrome Notifications 2 71
Receipt Printer for web based app 3 86
set url:tel to a website 3 75
Can I install Windows on a Chromebook? 3 45
Bada platform is becoming more and more famous this days and people talking about same. Some friends included those who have bada OS mobile asked me "what is bada?"and "what its features?". That encouraged me to research and write this article. [st…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question