content/base/test/csp/file_hash_source.html@b8a032363ba2 (annotated)
content/base/test/csp/file_hash_source.html
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
| michael@0 | 1 | <!doctype html> |
| michael@0 | 2 | <html> |
| michael@0 | 3 | <body> |
| michael@0 | 4 | <!-- inline scripts --> |
| michael@0 | 5 | <p id="inline-script-valid-hash">blocked</p> |
| michael@0 | 6 | <p id="inline-script-invalid-hash">blocked</p> |
| michael@0 | 7 | <p id="inline-script-invalid-hash-valid-nonce">blocked</p> |
| michael@0 | 8 | <p id="inline-script-valid-hash-invalid-nonce">blocked</p> |
| michael@0 | 9 | <p id="inline-script-invalid-hash-invalid-nonce">blocked</p> |
| michael@0 | 10 | <p id="inline-script-valid-sha512-hash">blocked</p> |
| michael@0 | 11 | <p id="inline-script-valid-sha384-hash">blocked</p> |
| michael@0 | 12 | <p id="inline-script-valid-sha1-hash">blocked</p> |
| michael@0 | 13 | <p id="inline-script-valid-md5-hash">blocked</p> |
| michael@0 | 14 | |
| michael@0 | 15 | <!-- 'sha256-siVR8vAcqP06h2ppeNwqgjr0yZ6yned4X2VF84j4GmI=' (in policy) --> |
| michael@0 | 16 | <script>document.getElementById("inline-script-valid-hash").innerHTML = "allowed";</script> |
| michael@0 | 17 | <!-- 'sha256-cYPTF2pm0QeyDtbmJ3+xi00o2Rxrw7vphBoHgOg9EnQ=' (not in policy) --> |
| michael@0 | 18 | <script>document.getElementById("inline-script-invalid-hash").innerHTML = "allowed";</script> |
| michael@0 | 19 | <!-- 'sha256-SKtBKyfeMjBpOujES0etR9t/cklbouJu/3T4PXnjbIo=' (not in policy) --> |
| michael@0 | 20 | <script nonce="jPRxvuRHbiQnCWVuoCMAvQ==">document.getElementById("inline-script-invalid-hash-valid-nonce").innerHTML = "allowed";</script> |
| michael@0 | 21 | <!-- 'sha256-z7rzCkbOJqi08lga3CVQ3b+3948ZbJWaSxsBs8zPliE=' --> |
| michael@0 | 22 | <script nonce="foobar">document.getElementById("inline-script-valid-hash-invalid-nonce").innerHTML = "allowed";</script> |
| michael@0 | 23 | <!-- 'sha256-E5TX2PmYZ4YQOK/F3XR1wFcvFjbO7QHMmxHTT/18LbE=' (not in policy) --> |
| michael@0 | 24 | <script nonce="foobar">document.getElementById("inline-script-invalid-hash-invalid-nonce").innerHTML = "allowed";</script> |
| michael@0 | 25 | <!-- 'sha512-tMLuv22jJ5RHkvLNlv0otvA2fgw6PF16HKu6wy0ZDQ3M7UKzoygs1uxIMSfjMttgWrB5WRvIr35zrTZppMYBVw==' (in policy) --> |
| michael@0 | 26 | <script>document.getElementById("inline-script-valid-sha512-hash").innerHTML = "allowed";</script> |
| michael@0 | 27 | <!-- 'sha384-XjAD+FxZfipkxna4id1JrR2QP6OYUZfAxpn9+yHOmT1VSLVa9SQR/dz7CEb7jw7w' (in policy) --> |
| michael@0 | 28 | <script>document.getElementById("inline-script-valid-sha384-hash").innerHTML = "allowed";</script> |
| michael@0 | 29 | <!-- 'sha1-LHErkMxKGcSpa/znpzmKYkKnI30=' (in policy) --> |
| michael@0 | 30 | <script>document.getElementById("inline-script-valid-sha1-hash").innerHTML = "allowed";</script> |
| michael@0 | 31 | <!-- 'md5-/m4wX3YU+IHs158KwKOBWg==' (in policy) --> |
| michael@0 | 32 | <script>document.getElementById("inline-script-valid-md5-hash").innerHTML = "allowed";</script> |
| michael@0 | 33 | |
| michael@0 | 34 | <!-- inline styles --> |
| michael@0 | 35 | <p id="inline-style-valid-hash"></p> |
| michael@0 | 36 | <p id="inline-style-invalid-hash"></p> |
| michael@0 | 37 | <p id="inline-style-invalid-hash-valid-nonce"></p> |
| michael@0 | 38 | <p id="inline-style-valid-hash-invalid-nonce"></p> |
| michael@0 | 39 | <p id="inline-style-invalid-hash-invalid-nonce"></p> |
| michael@0 | 40 | <p id="inline-style-valid-sha512-hash"></p> |
| michael@0 | 41 | <p id="inline-style-valid-sha384-hash"></p> |
| michael@0 | 42 | <p id="inline-style-valid-sha1-hash"></p> |
| michael@0 | 43 | <p id="inline-style-valid-md5-hash"></p> |
| michael@0 | 44 | |
| michael@0 | 45 | <!-- 'sha256-UpNH6x+Ux99QTW1fJikQsVbBERJruIC98et0YDVKKHQ=' (in policy) --> |
| michael@0 | 46 | <style>p#inline-style-valid-hash { color: green; }</style> |
| michael@0 | 47 | <!-- 'sha256-+TYxTx+bsfTDdivWLZUwScEYyxuv6lknMbNjrgGBRZo=' (not in policy) --> |
| michael@0 | 48 | <style>p#inline-style-invalid-hash { color: red; }</style> |
| michael@0 | 49 | <!-- 'sha256-U+9UPC/CFzz3QuOrl5q3KCVNngOYWuIkE2jK6Ir0Mbs=' (not in policy) --> |
| michael@0 | 50 | <style nonce="ftL2UbGHlSEaZTLWMwtA5Q==">p#inline-style-invalid-hash-valid-nonce { color: green; }</style> |
| michael@0 | 51 | <!-- 'sha256-0IPbWW5IDJ/juvETq60oTnhC+XzOqdYp5/UBsBKCaOY=' (in policy) --> |
| michael@0 | 52 | <style nonce="foobar">p#inline-style-valid-hash-invalid-nonce { color: green; }</style> |
| michael@0 | 53 | <!-- 'sha256-KaHZgPd4nC4S8BVLT/9WjzdPDtunGWojR83C2whbd50=' (not in policy) --> |
| michael@0 | 54 | <style nonce="foobar">p#inline-style-invalid-hash-invalid-nonce { color: red; }</style> |
| michael@0 | 55 | <!-- 'sha512-EpcDbSuvFv0HIyKtU5tQMN7UtBMeEbljz1dWPfy7PNCa1RYdHKwdJWT1tie41evq/ZUL1rzadSVdEzq3jl6Twg==' (in policy) --> |
| michael@0 | 56 | <style>p#inline-style-valid-sha512-hash { color: green; }</style> |
| michael@0 | 57 | <!-- 'sha384-c5W8ON4WyeA2zEOGdrOGhRmRYI8+2UzUUmhGQFjUFP6yiPZx9FGEV3UOiQ+tIshF' (in policy) --> |
| michael@0 | 58 | <style>p#inline-style-valid-sha384-hash { color: green; }</style> |
| michael@0 | 59 | <!-- 'sha1-T/+b4sxCIiJxDr6XS9dAEyHKt2M=' (in policy) --> |
| michael@0 | 60 | <style>p#inline-style-valid-sha1-hash { color: red; }</style> |
| michael@0 | 61 | <!-- 'md5-oNrgrtzOZduwDYYi1yo12g==' (in policy) --> |
| michael@0 | 62 | <style>p#inline-style-valid-md5-hash { color: red; }</style> |
| michael@0 | 63 | |
| michael@0 | 64 | </body> |
| michael@0 | 65 | </html> |
