kkapsner
parent
8e4a881288
commit
2f6ca07bba
|
|
@ -18,4 +18,11 @@ addLine("window name after set: " + window.name);
|
|||
|
||||
const hashValue = await testAPI.hash(canvasAPI.fingerprint(window).url);
|
||||
addLine("canvas hash: " + hashValue);
|
||||
}());
|
||||
}());
|
||||
|
||||
document.getElementById("reloadWith304").addEventListener("click", function(){
|
||||
"use strict";
|
||||
|
||||
document.cookie = "304=1";
|
||||
location.reload();
|
||||
});
|
||||
|
|
@ -1,6 +1,12 @@
|
|||
<?php
|
||||
|
||||
header("Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'");
|
||||
if (array_key_exists("304", $_COOKIE)){
|
||||
http_response_code(304);
|
||||
setcookie("304", "", time() - 1000);
|
||||
die();
|
||||
}
|
||||
else {
|
||||
header("Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'");
|
||||
}
|
||||
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
|
|
@ -18,11 +24,15 @@ header("Content-Security-Policy: default-src 'none'; img-src 'self'; script-src
|
|||
<ul>
|
||||
<li>if the window API protection is active the window name at start is always empty</li>
|
||||
<li>the canvas hash changes upon reload (depending on CanvasBlocker settings - e.g. not in the stealth preset)</li>
|
||||
<li>there is no line saying "THIS SHOULD NOT BE VISIBLE!" when reloading with <a id="reloadWith304" href="">this</a> link</li>
|
||||
</ul>
|
||||
<h2>Tests</h2>
|
||||
<div id="results"></div>
|
||||
<script src="testAPI.js"></script>
|
||||
<script src="canvasAPI.js"></script>
|
||||
<script src="cspTest.js"></script>
|
||||
<script>
|
||||
addLine("THIS SHOULD NOT BE VISIBLE!");
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
Loading…
Reference in New Issue