Dodgy looking JavaScript in New Post edit box
-
I just tried to write a new post and was faced with a JavaScript warning (thanks to NoScript) in the post edit box. If I hover over the icon it says:
<IFRAME>, unknown@javascript:Does anyone have an idea why this may have started because it wasn’t there yesterday.
-
The visual editor requires Javascript. If you’re blocking js it won’t work. You can go to your user profile (click on your username at top right while logged in) and un-check the visual editor box.
-
Thanks but I’m not blocking the script. May fault, I should have written AdBlock, not NoScript. WordPress.com has full JavaScript access in my browser.
-
Turn adblock off and give it a try – you will have to restart the browser for it to take effect.
-
Ack, ignore that last reply of mine, it is NoScript that is giving me the alert. Would you like a screen grab to make it easier to see what I mean?
-
You can actually, while the write page is active in your browser go to the adblock pulldown at the top right of the browser and select “disable on yourblog.wordpress.com” . That way it will not try to block anything while you are on any of your blog pages.
-
-
Yes, black- and white-lists are possible and wordpress.com is whitelisted. It denies access to scripts unless it it white-listed plus you can create a permanent black-list for dodgy sites.
-
-
-
-
It makes no difference. Could this be something to do with the Google ads that have been mentioned?
-
No, the ads will never appear when you are logged in, and as I understand it, they will never appear to anyone using Firefox (Matt has a Firefox fetish).
All I can suggest is to contact noscript at this point, and temporarily disable it until you can get it sorted out.
-
I have used NoScript before and found it to be extremely troublesome, simply because it blocks everything on a given page. And I mean everything. So, I dropped it. Instead, I use AdBlock Plus and it has no problems with WordPress.com at all. You may want to try the switch for a while and see how you like it. Just a thought.
-
Good news about Firefox :)
I’m loathe to disable NoScript when faced with such a dodgy looking script. JavaScript is such a major vector for malware these days so surfing without NoScript is a bit like picking up the soap in the prison shower as far as I’m concerned. I’ll use the vanilla post editor for now and fire up the sandbox in a while to investigate the script in somewhat safer conditions.
-
tsp said: they will never appear to anyone using Firefox (Matt has a Firefox fetish).
No wonder I have never seen them! I am glad Matt supports the most advanced web browser in the Universe in such a great fashion. Way to go, Matt!
-
tsp is correct, we never display ads in wp-admin or to users who are logged in. If something is blocked it’s an error.
-
It only blocks JavaScript and even in a Web 2.0 world it doesn’t degrade my usage. If I trust the site I can enable it and if not then I’m safer. Let’s face it, even major sites are prone to such problems; take a normally trusted site like BusinessWeek – it was cracked and served malware via JavaScript recently:
-
-
- The topic ‘Dodgy looking JavaScript in New Post edit box’ is closed to new replies.
WordPress.com Forums 