Have I been Trumped by Google?

Posting a video to the SIFT has been impossible for me over the past 22 hours or so. First weird thing was I was logged off when I clicked on the site [I'm NEVER logged out]. Then, after attempting to submit a YT video as I usually do, I got the following error message:

********************************
This page isn’t working

Chrome detected unusual code on this page and blocked it to protect your personal information (for example, passwords, phone numbers, and credit cards).
Try visiting the site's homepage.
ERR_BLOCKED_BY_XSS_AUDITOR

*********************************

I deleted my cookies and browsing history after logging out of the site. I restarted my computer and logged in again ... Now it appears that I can't post anything at all. I've tried to put up 2 other YT vids and, after verifying the embed code and filling in the form, I get the same error message when I hit submit. It doesn't appear that I'm restricted in any other way here. I haven't had any recent google updates and the site was working fine for me several hours before all of this started happening.

WTF is happening? Anyone else having issues? ... Bueller? @dag @lucky760
lucky760 says...

Well, that's a new one...

Have you tried a different browser, like Firefox?

Is anyone else seeing anything like this?

Nothing has changed on our end, so I'm not sure what Chrome is picking up on. Hmm...

coffeejerk says...

This seems to be a false positive issue on chromes end for some days.
Saw some logs from admins reporting the same for the current version of chrome post 04032017. Also, there were false positives due to a bug some time ago.

It can result from taking up malformed parts of the page due to missing / unbound variables etc. and interpreting it as modified site content. Even perfectly fine content can be misinterpreted in certain circumstances.

example of older false positive bug: empty attribute in form header
<form method="POST" action=>

Try using another browser for the time being.

Do not disable protective measures. It is however possible that indeed parts of your page were modified by browser plugins and or wanted or unwanted additions to your system. If in question perform a scrubbing on your system via a bootable system if desired.

ant says...

For those with Chrome issues, how about a new OS account and retrying Chrome from scratch to see if it is related the old Chrome and OS' datas?

Mordhaus says...

Win 7 Ultimate 64 bit, fully updated. Version 57.0.2987.133 of Chrome. Tried submitting from incognito and guest profile. No errors in dev console tab.

Edit: Also downloaded canary (dev/test version of chrome) as suggested by chrome support. same error.

mxxcon said:

@Mordhaus and @PlayhousePals what version of Chrome and OS are you running?
Have you tried submitting from incognito mode or Chrome's guest profile?
When you open Chrome's dev console, what errors/messages do you see there?

PlayhousePals says...

@dag @lucky760 Thanks to my nephew [who isn't even a PC guy] I now know I'm cookin' with Windows 10 Version 1607 (OS Build 14393.953) and Chrome Version 57.0.2987.133

Hopefully this info will help in resolving whatever is going on.

I'm not proficient enough [nor do I have the inclination to stress myself out right now] to understand what hoops to jump through with regards to Chrome nor do I really want to download another browser for one site. But thank you for your suggestions mxxcon [even if they're greek to me]

mxxcon said:

@Mordhaus and @PlayhousePals what version of Chrome and OS are you running?
Have you tried submitting from incognito mode or Chrome's guest profile?
When you open Chrome's dev console, what errors/messages do you see there?

iaui says...

I'm seeing this problem too. I tried to submit the Colbert riff on "Hey Stranger" and got the XSS issue as well. If it's really a Chrome bug it'll be fixed in the next version, I would assume.

oritteropo says...

It will only be fixed if they think it's a bug.

iaui said:

I'm seeing this problem too. I tried to submit the Colbert riff on "Hey Stranger" and got the XSS issue as well. If it's really a Chrome bug it'll be fixed in the next version, I would assume.

Mordhaus says...

After investigating this further, it looks like they turned this on in the latest release because they were worried malicious code could be hidden in the embeds people try to post. The likelihood of this is extremely slim if you are just embedding stuff to sites like this from sites like youtube, etc. So I just used the command line to turn off the auditor for now.

@dag, the same thing is enabled in the beta I believe. Since you are on a mac, I wouldn't be surprised if they didn't include the change since macs shouldn't be affected by malicious code in this fashion.

Send this Article to a Friend



Separate multiple emails with a comma (,); limit 5 recipients






Your email has been sent successfully!

Manage this Video in Your Playlists

New Blog Posts from All Members