Created March 20, 2023 05:39
Kitchen Sink for Security chapter of Web Almanac 2022
<?php
// Send an HSTS policy with a 60-second max-age.
header('Strict-Transport-Security: max-age=60');
?><!doctype html>
<html lang="en">
  <head>
    <title>Kitchen Sink for Security chapter of Web Almanac 2022</title>
    <!-- jQuery is loaded with Subresource Integrity: the browser refuses to run the file if its SHA-256 digest differs from the integrity value. -->
    <script src="https://code.jquery.com/jquery-3.6.4.min.js" integrity="sha256-oP6HI9z1XaZNBrJURtCoUT5SUnxFr8s3BzRl+cbzUq8=" crossorigin="anonymous"></script>
  </head>
  <body>
    <h1>Kitchen Sink for Security chapter of Web Almanac 2022</h1>
    <p>View source <a href="https://gist.github.com/pascalalfadian/9c1ea753b374a21e3702450bbd70e79e">here</a>.</p>
    <h2>Protocol version, Cipher Suite, Certificate Authority</h2>
    <p>Check browser for protocol version (Developer Console > Security tab).</p>
    <h2>HSTS</h2>
    <p>In Google Chrome, check <code>chrome://net-internals/#hsts</code>.</p>
    <h2>SRI</h2>
    <p>If jQuery works, <a href="#" id="here">clicking here</a> will show an alert.</p>
    <script>
      // This handler is only bound if jQuery passed the SRI check and loaded.
      $('#here').click(function(e) {
        e.preventDefault();
        alert('Hello, world!');
      });
    </script>
    <h2>Web Crypto API</h2>
    <p><a href="#" id="webcrypto">Click here</a> to generate random values: <span id="webcrypto-output"></span>.</p>
    <script>
      $('#webcrypto').click(function(e) {
        e.preventDefault();
        // Fill a 10-byte buffer from the browser's cryptographically secure random source.
        let array = new Uint8Array(10);
        self.crypto.getRandomValues(array);
        $('#webcrypto-output').text(JSON.stringify(array));
      });
    </script>
  </body>
</html>
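
The SRI section of the page depends on the browser comparing the script's digest with the `integrity` attribute. The following Node.js code is an added example, not part of the gist, showing how such a value is produced and how a list of integrity tokens is evaluated (strongest algorithm only; a value with no usable token is not enforced). The function names and the sample script bytes are constructed for illustration.

```javascript
// Added example (not part of the gist). Runs under Node.js; the helper names
// and the sample script bytes are constructed for illustration.
const crypto = require('crypto');

// Hash functions SRI allows, weakest to strongest.
const STRENGTH = ['sha256', 'sha384', 'sha512'];

// Build an integrity attribute value for the given resource bytes.
function sriFor(bytes, alg = 'sha384') {
  return `${alg}-${crypto.createHash(alg).update(bytes).digest('base64')}`;
}

// Parse an integrity attribute into {alg, digest} entries, skipping tokens
// with an unknown algorithm and dropping any "?options" suffix.
function parseIntegrity(value) {
  return value.trim().split(/\s+/).flatMap((token) => {
    const m = /^(sha256|sha384|sha512)-([A-Za-z0-9+/]+={0,2})(\?.*)?$/.exec(token);
    return m ? [{ alg: m[1], digest: m[2] }] : [];
  });
}

// Decide as a browser would: only the strongest algorithm present counts, and
// any one digest of that strength may match. A value with no usable token
// (for example a misspelled algorithm) is not enforced at all.
function checkIntegrity(bytes, value) {
  const entries = parseIntegrity(value);
  if (entries.length === 0) return 'unchecked';
  const best = Math.max(...entries.map((e) => STRENGTH.indexOf(e.alg)));
  const alg = STRENGTH[best];
  const actual = crypto.createHash(alg).update(bytes).digest('base64');
  const ok = entries.some((e) => e.alg === alg && e.digest === actual);
  return ok ? 'load' : 'block';
}

// Constructed sample: a script as published, and a modified copy.
const published = Buffer.from("alert('Hello, world!');\n");
const tampered = Buffer.from("alert('Hello, world!');console.log('changed');\n");

console.log(checkIntegrity(published, sriFor(published)));
console.log(checkIntegrity(tampered, sriFor(published)));
console.log(checkIntegrity(published, 'sha265-abc'));
```

A misspelled algorithm such as `sha265` yields `unchecked`, so a typo in the attribute silently disables the protection; checking deployed `integrity` values with a parser like this catches that case.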