Rafiot
commented
10 months ago This is a possible solution: https://github.com/microsoft/playwright/issues/22944 - Only works with the new headless
@adulau pointed out brave solved it in a much cleaner way: https://github.com/brave/brave-browser/issues/13834
Buckle up, this one is fun.
It initially came up when this code seemed to detect the capture: https://github.com/Lookyloo/testing/blob/main/website/templates/99.3.compute_hashes.html
But it will work just fine when you try to capture it from: https://rafiot.eu.pythonanywhere.com/compute_sha512
The trick is that the initial code came from an onion website, and this API is only available in secure context. Which is not the case for the onion website. So the capture will systematically fail to compute the proper hash.
The same URL will work just fine with the TorBrowserBundle because this one allows to run the crypto API on onion websites.