IE has modified this page to help prevent cross-site scripting when uploading BAS

Legacy KB ID: 4961

Question

Why can’t I lodge my BAS to the ATO’s Business Portal? I get the error: “Internet Explorer has modified this page to help prevent cross-site scripting”.

 

Answer

Internet Explorer v10 users will experience this problem.  It is a design feature to improve internet security.

Cross site scripting (also known as XSS) occurs when a web application gathers malicious data from a user. The data is usually gathered in the form of a hyperlink which contains malicious content within it. The user will most likely click on this link from another website, instant message, or simply just reading a web board or email message. Usually the attacker will encode the malicious portion of the link to the site in HEX (or other encoding methods) so the request is less suspicious looking to the user when clicked on. After the data is collected by the web application, it creates an output page for the user containing the malicious data that was originally sent to it, but in a manner to make it appear as valid content from the website.

 

Workaround

Option 1:  Disable the XSS Filter in Internet Explorer v10.

1.    Open Internet Explorer > Tools > Internet Options > Security tab;

2.    Click on Custom level and scroll down to Enable XSS FILTER under Scripting;

3.    Click the radio button next to Disable and click OK and OK;

4.    Restart internet explorer.

5.    Lodge your BAS through the ATO Business Portal;

6.    When complete, enable XSS Filtering by reversing steps 1 to 3 to restore default internet security levels.

Option 2:  Upload to SBR with Reckon GovConnect

Option 3:  Use an earlier version of Internet Explorer or another supported web browser.

 

How did we do?

Including Pays information in BAS when not using the Accounts Business Payroll function.

Drop down menu in BAS are not wide enough, items are being cut of and are hard to read

Related Articles

Powered by HelpDocs (opens in a new tab)

Powered by HelpDocs (opens in a new tab)