The Tor Browser / file comparison
comparison: content/base/test/csp/file_hash_source.html
content/base/test/csp/file_hash_source.html
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
equal
deleted
inserted
replaced
| -1:000000000000 | 0:d15e938b71f4 |
|---|---|
| 1 <!doctype html> | |
| 2 <html> | |
| 3 <body> | |
| 4 <!-- inline scripts --> | |
| 5 <p id="inline-script-valid-hash">blocked</p> | |
| 6 <p id="inline-script-invalid-hash">blocked</p> | |
| 7 <p id="inline-script-invalid-hash-valid-nonce">blocked</p> | |
| 8 <p id="inline-script-valid-hash-invalid-nonce">blocked</p> | |
| 9 <p id="inline-script-invalid-hash-invalid-nonce">blocked</p> | |
| 10 <p id="inline-script-valid-sha512-hash">blocked</p> | |
| 11 <p id="inline-script-valid-sha384-hash">blocked</p> | |
| 12 <p id="inline-script-valid-sha1-hash">blocked</p> | |
| 13 <p id="inline-script-valid-md5-hash">blocked</p> | |
| 14 | |
| 15 <!-- 'sha256-siVR8vAcqP06h2ppeNwqgjr0yZ6yned4X2VF84j4GmI=' (in policy) --> | |
| 16 <script>document.getElementById("inline-script-valid-hash").innerHTML = "allowed";</script> | |
| 17 <!-- 'sha256-cYPTF2pm0QeyDtbmJ3+xi00o2Rxrw7vphBoHgOg9EnQ=' (not in policy) --> | |
| 18 <script>document.getElementById("inline-script-invalid-hash").innerHTML = "allowed";</script> | |
| 19 <!-- 'sha256-SKtBKyfeMjBpOujES0etR9t/cklbouJu/3T4PXnjbIo=' (not in policy) --> | |
| 20 <script nonce="jPRxvuRHbiQnCWVuoCMAvQ==">document.getElementById("inline-script-invalid-hash-valid-nonce").innerHTML = "allowed";</script> | |
| 21 <!-- 'sha256-z7rzCkbOJqi08lga3CVQ3b+3948ZbJWaSxsBs8zPliE=' --> | |
| 22 <script nonce="foobar">document.getElementById("inline-script-valid-hash-invalid-nonce").innerHTML = "allowed";</script> | |
| 23 <!-- 'sha256-E5TX2PmYZ4YQOK/F3XR1wFcvFjbO7QHMmxHTT/18LbE=' (not in policy) --> | |
| 24 <script nonce="foobar">document.getElementById("inline-script-invalid-hash-invalid-nonce").innerHTML = "allowed";</script> | |
| 25 <!-- 'sha512-tMLuv22jJ5RHkvLNlv0otvA2fgw6PF16HKu6wy0ZDQ3M7UKzoygs1uxIMSfjMttgWrB5WRvIr35zrTZppMYBVw==' (in policy) --> | |
| 26 <script>document.getElementById("inline-script-valid-sha512-hash").innerHTML = "allowed";</script> | |
| 27 <!-- 'sha384-XjAD+FxZfipkxna4id1JrR2QP6OYUZfAxpn9+yHOmT1VSLVa9SQR/dz7CEb7jw7w' (in policy) --> | |
| 28 <script>document.getElementById("inline-script-valid-sha384-hash").innerHTML = "allowed";</script> | |
| 29 <!-- 'sha1-LHErkMxKGcSpa/znpzmKYkKnI30=' (in policy) --> | |
| 30 <script>document.getElementById("inline-script-valid-sha1-hash").innerHTML = "allowed";</script> | |
| 31 <!-- 'md5-/m4wX3YU+IHs158KwKOBWg==' (in policy) --> | |
| 32 <script>document.getElementById("inline-script-valid-md5-hash").innerHTML = "allowed";</script> | |
| 33 | |
| 34 <!-- inline styles --> | |
| 35 <p id="inline-style-valid-hash"></p> | |
| 36 <p id="inline-style-invalid-hash"></p> | |
| 37 <p id="inline-style-invalid-hash-valid-nonce"></p> | |
| 38 <p id="inline-style-valid-hash-invalid-nonce"></p> | |
| 39 <p id="inline-style-invalid-hash-invalid-nonce"></p> | |
| 40 <p id="inline-style-valid-sha512-hash"></p> | |
| 41 <p id="inline-style-valid-sha384-hash"></p> | |
| 42 <p id="inline-style-valid-sha1-hash"></p> | |
| 43 <p id="inline-style-valid-md5-hash"></p> | |
| 44 | |
| 45 <!-- 'sha256-UpNH6x+Ux99QTW1fJikQsVbBERJruIC98et0YDVKKHQ=' (in policy) --> | |
| 46 <style>p#inline-style-valid-hash { color: green; }</style> | |
| 47 <!-- 'sha256-+TYxTx+bsfTDdivWLZUwScEYyxuv6lknMbNjrgGBRZo=' (not in policy) --> | |
| 48 <style>p#inline-style-invalid-hash { color: red; }</style> | |
| 49 <!-- 'sha256-U+9UPC/CFzz3QuOrl5q3KCVNngOYWuIkE2jK6Ir0Mbs=' (not in policy) --> | |
| 50 <style nonce="ftL2UbGHlSEaZTLWMwtA5Q==">p#inline-style-invalid-hash-valid-nonce { color: green; }</style> | |
| 51 <!-- 'sha256-0IPbWW5IDJ/juvETq60oTnhC+XzOqdYp5/UBsBKCaOY=' (in policy) --> | |
| 52 <style nonce="foobar">p#inline-style-valid-hash-invalid-nonce { color: green; }</style> | |
| 53 <!-- 'sha256-KaHZgPd4nC4S8BVLT/9WjzdPDtunGWojR83C2whbd50=' (not in policy) --> | |
| 54 <style nonce="foobar">p#inline-style-invalid-hash-invalid-nonce { color: red; }</style> | |
| 55 <!-- 'sha512-EpcDbSuvFv0HIyKtU5tQMN7UtBMeEbljz1dWPfy7PNCa1RYdHKwdJWT1tie41evq/ZUL1rzadSVdEzq3jl6Twg==' (in policy) --> | |
| 56 <style>p#inline-style-valid-sha512-hash { color: green; }</style> | |
| 57 <!-- 'sha384-c5W8ON4WyeA2zEOGdrOGhRmRYI8+2UzUUmhGQFjUFP6yiPZx9FGEV3UOiQ+tIshF' (in policy) --> | |
| 58 <style>p#inline-style-valid-sha384-hash { color: green; }</style> | |
| 59 <!-- 'sha1-T/+b4sxCIiJxDr6XS9dAEyHKt2M=' (in policy) --> | |
| 60 <style>p#inline-style-valid-sha1-hash { color: red; }</style> | |
| 61 <!-- 'md5-oNrgrtzOZduwDYYi1yo12g==' (in policy) --> | |
| 62 <style>p#inline-style-valid-md5-hash { color: red; }</style> | |
| 63 | |
| 64 </body> | |
| 65 </html> |
