NoScript's XSS popup breaks circuit display in some cases

Go to https://getharvest.com and sign in. After entering your credentials and sending them you'll get a NoScript XSS popup which is a false positive in this case. More importantly for this bug, though: if you go back to your window with the Harvest URL in the URL bar, clicking on the identity box does not show your circuit anymore. The whole panel is gone. This does not change either if I select the "block your request" option. The result is, one is stuck and can't change/look at the circuit even.

Found by arma.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information