UNPKG

csp_evaluator

Version:

Evaluate Content Security Policies for a wide range of bypasses and weaknesses

csp-evaluator.withgoogle.com

google/csp-evaluator

137 lines (135 loc) 5.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
{"needsEval": [ "googletagmanager.com", "www.googletagmanager.com", "www.googleadservices.com", "google-analytics.com", "ssl.google-analytics.com", "www.google-analytics.com" ], "urls": [ "//bebezoo.1688.com/fragment/index.htm", "//www.google-analytics.com/gtm/js", "//googleads.g.doubleclick.net/pagead/conversion/1036918760/wcm", "//www.googleadservices.com/pagead/conversion/1070110417/wcm", "//www.google.com/tools/feedback/escalation-options", "//pin.aliyun.com/check_audio", "//offer.alibaba.com/market/CID100002954/5/fetchKeyword.do", "//ccrprod.alipay.com/ccr/arriveTime.json", "//group.aliexpress.com/ajaxAcquireGroupbuyProduct.do", "//detector.alicdn.com/2.7.3/index.php", "//suggest.taobao.com/sug", "//translate.google.com/translate_a/l", "//count.tbcdn.cn//counter3", "//wb.amap.com/channel.php", "//translate.googleapis.com/translate_a/l", "//afpeng.alimama.com/ex", "//accounts.google.com/o/oauth2/revoke", "//pagead2.googlesyndication.com/relatedsearch", "//yandex.ru/soft/browsers/check", "//api.facebook.com/restserver.php", "//mts0.googleapis.com/maps/vt", "//syndication.twitter.com/widgets/timelines/765840589183213568", "//www.youtube.com/profile_style", "//googletagmanager.com/gtm/js", "//mc.yandex.ru/watch/24306916/1", "//share.yandex.net/counter/gpp/", "//ok.go.mail.ru/lady_on_lady_recipes_r.json", "//d1f69o4buvlrj5.cloudfront.net/__efa_15_1_ornpba.xekq.arg/optout_check", "//www.googletagmanager.com/gtm/js", "//api.vk.com/method/wall.get", "//www.sharethis.com/get-publisher-info.php", "//google.ru/maps/vt", "//pro.netrox.sc/oapi/h_checksite.ashx", "//vimeo.com/api/oembed.json/", "//de.blog.newrelic.com/wp-admin/admin-ajax.php", "//ajax.googleapis.com/ajax/services/search/news", "//ssl.google-analytics.com/gtm/js", "//pubsub.pubnub.com/subscribe/demo/hello_world/", "//pass.yandex.ua/services", "//id.rambler.ru/script/topline_info.js", "//m.addthis.com/live/red_lojson/100eng.json", "//passport.ngs.ru/ajax/check", "//catalog.api.2gis.ru/ads/search", "//gum.criteo.com/sync", "//maps.google.com/maps/vt", "//ynuf.alipay.com/service/um.json", "//securepubads.g.doubleclick.net/gampad/ads", "//c.tiles.mapbox.com/v3/texastribune.tx-congress-cvap/6/15/26.grid.json", "//rexchange.begun.ru/banners", "//an.yandex.ru/page/147484", "//links.services.disqus.com/api/ping", "//api.map.baidu.com/", "//tj.gongchang.com/api/keywordrecomm/", "//data.gongchang.com/livegrail/", "//ulogin.ru/token.php", "//beta.gismeteo.ru/api/informer/layout.js/120x240-3/ru/", "//maps.googleapis.com/maps/api/js/GeoPhotoService.GetMetadata", "//a.config.skype.com/config/v1/Skype/908_1.33.0.111/SkypePersonalization", "//maps.beeline.ru/w", "//target.ukr.net/", "//www.meteoprog.ua/data/weather/informer/Poltava.js", "//cdn.syndication.twimg.com/widgets/timelines/599200054310604802", "//wslocker.ru/client/user.chk.php", "//community.adobe.com/CommunityPod/getJSON", "//maps.google.lv/maps/vt", "//dev.virtualearth.net/REST/V1/Imagery/Metadata/AerialWithLabels/26.318581", "//awaps.yandex.ru/10/8938/02400400.", "//a248.e.akamai.net/h5.hulu.com/h5.mp4", "//nominatim.openstreetmap.org/", "//plugins.mozilla.org/en-us/plugins_list.json", "//h.cackle.me/widget/32153/bootstrap", "//graph.facebook.com/1/", "//fellowes.ugc.bazaarvoice.com/data/reviews.json", "//widgets.pinterest.com/v3/pidgets/boards/ciciwin/hedgehog-squirrel-crafts/pins/", "//se.wikipedia.org/w/api.php", "//cse.google.com/api/007627024705277327428/cse/r3vs7b0fcli/queries/js", "//relap.io/api/v2/similar_pages_jsonp.js", "//c1n3.hypercomments.com/stream/subscribe", "//maps.google.de/maps/vt", "//books.google.com/books", "//connect.mail.ru/share_count", "//tr.indeed.com/m/newjobs", "//www-onepick-opensocial.googleusercontent.com/gadgets/proxy", "//www.panoramio.com/map/get_panoramas.php", "//client.siteheart.com/streamcli/client", "//www.facebook.com/restserver.php", "//autocomplete.travelpayouts.com/avia", "//www.googleapis.com/freebase/v1/topic/m/0344_", "//mts1.googleapis.com/mapslt/ft", "//publish.twitter.com/oembed", "//fast.wistia.com/embed/medias/o75jtw7654.json", "//partner.googleadservices.com/gampad/ads", "//pass.yandex.ru/services", "//gupiao.baidu.com/stocks/stockbets", "//widget.admitad.com/widget/init", "//api.instagram.com/v1/tags/partykungen23328/media/recent", "//video.media.yql.yahoo.com/v1/video/sapi/streams/063fb76c-6c70-38c5-9bbc-04b7c384de2b", "//ib.adnxs.com/jpt", "//pass.yandex.com/services", "//www.google.de/maps/vt", "//clients1.google.com/complete/search", "//api.userlike.com/api/chat/slot/proactive/", "//www.youku.com/index_cookielist/s/jsonp", "//mt1.googleapis.com/mapslt/ft", "//api.mixpanel.com/track/", "//wpd.b.qq.com/cgi/get_sign.php", "//pipes.yahooapis.com/pipes/pipe.run", "//gdata.youtube.com/feeds/api/videos/WsJIHN1kNWc", "//9.chart.apis.google.com/chart", "//cdn.syndication.twitter.com/moments/709229296800440320", "//api.flickr.com/services/feeds/photos_friends.gne", "//cbks0.googleapis.com/cbk", "//www.blogger.com/feeds/5578653387562324002/posts/summary/4427562025302749269", "//query.yahooapis.com/v1/public/yql", "//kecngantang.blogspot.com/feeds/posts/default/-/Komik", "//www.travelpayouts.com/widgets/50f53ce9ada1b54bcc000031.json", "//i.cackle.me/widget/32586/bootstrap", "//translate.yandex.net/api/v1.5/tr.json/detect", "//a.tiles.mapbox.com/v3/zentralmedia.map-n2raeauc.jsonp", "//maps.google.ru/maps/vt", "//c1n2.hypercomments.com/stream/subscribe", "//rec.ydf.yandex.ru/cookie" ] }