tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

navigate-parent-to-blob.html (593B)

      1 <!DOCTYPE html>
      2 <html>
      3  <head>
      4    <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'">
      5  </head>
      6  <body>
      7    <script>
      8      const blob_payload = `
      9        <!doctype html>
     10         <script>
     11           var i = false;
     12           try {
     13             eval('i = true');
     14           } catch {}
     15           opener.postMessage(i ? "eval allowed" : "eval blocked", '*');
     16         </scr` + `ipt>
     17         `;
     18      var blob_url = URL.createObjectURL(
     19          new Blob([blob_payload], { type: 'text/html' }));
     20      parent.location = blob_url;
     21    </script>
     22  </body>
     23 </html>