-
Notifications
You must be signed in to change notification settings - Fork 8
/
mixed_content_examples.php
88 lines (73 loc) · 3.21 KB
/
mixed_content_examples.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* An file which creates bad example links
*
* @package local_csp
* @author Suan Kan <[email protected]>
* @copyright Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
require_once(__DIR__ . '/../../config.php');
require_once($CFG->libdir.'/adminlib.php');
admin_externalpage_setup('local_csp_examples');
$title = get_string('mixedcontentexamples', 'local_csp');
$PAGE->set_title($title);
$PAGE->set_heading($title);
$PAGE->set_pagelayout('admin');
global $OUTPUT;
echo $OUTPUT->header();
echo $OUTPUT->heading($title);
$nonsslwwwroot = str_replace('https', 'http', $CFG->wwwroot);
echo html_writer::tag('h5', get_string('loadingmixedcontentdescription', 'local_csp'));
$insecurescript = $nonsslwwwroot . '/local/csp/samples/sample.js';
echo html_writer::tag('p', get_string('loadinsecurejavascript', 'local_csp', $insecurescript));
echo html_writer::start_tag('script', array(
'type' => 'text/javascript',
'src' => $insecurescript,
));
echo html_writer::end_tag('script');
$externalscript = 'https://code.jquery.com/jquery-3.5.1.min.js';
echo html_writer::tag('p', get_string('loadexternaljavascript', 'local_csp', $externalscript));
echo html_writer::start_tag('script', array(
'type' => 'text/javascript',
'src' => $externalscript,
));
echo html_writer::end_tag('script');
$insecurecss = $nonsslwwwroot . '/local/csp/samples/sample.css';
echo html_writer::tag('p', get_string('loadinsecurecss', 'local_csp', $insecurecss));
echo html_writer::start_tag('link', array(
'src' => $insecurecss,
'rel' => "stylesheet",
));
echo html_writer::end_tag('link');
$insecureimage = $nonsslwwwroot . '/local/csp/samples/sample.jpg';
echo html_writer::tag('p', get_string('loadinsecureimage', 'local_csp', $insecureimage));
echo html_writer::tag('img', '', array(
'src' => $insecureimage,
));
$insecureiframe = $nonsslwwwroot . '/local/csp/samples/sample.html';
echo html_writer::tag('p', get_string('loadinsecureiframe', 'local_csp', $insecureiframe));
echo html_writer::tag('iframe', '', array(
'src' => $insecureiframe,
));
echo html_writer::tag('p', get_string('loaddata', 'local_csp'));
echo html_writer::tag('img', '', array(
'src' => "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAA" .
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKq" .
"NKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"
));
echo $OUTPUT->footer();