Forum Discussion
CSP Hash Incorrect Despite Correct Script and Hash (CSP Lab Issue?)
Hello all!
I'm working on Introduction to Content Security Policy (CSP) Lab: Content Security Policy: Hashes exercise that requires generating the correct hash for an inline script like:
<script>document.body.style.backgroundColor = "#ADDADE";</script>
I’ve used both CyberChef and the SHA-256 JavaScript snippet to generate hashes like:
sha256-+BWzTX+GJrse8ifajvHg6QFPdmE+JjXYmrYBn+kLITo=
sha256-Msn/9dD1zBN7LGZyQyglKL9JMVyCsVqvZ7MAkmm/BpU=
I've accounted for trailing newlines and whitespaces (CRLF, LF), used View Source (not dev tools), and verified that I'm hashing the exact script content. However, the lab continues to mark the answer as “incorrect.”
Is this likely a glitch in the lab setup, or is there a common mistake I might be overlooking? Would appreciate any help or confirmation from someone who’s completed this lab or run into a similar problem
5 Replies
- SamDickison
Community Manager
Hey anressh, apologies for missing this, as it looks like you asked it a while ago. I can see that BigChungus and steven have completed this lab. I wonder if they could help you... Otherwise, I can see if one of our team can help.
- SamDickison
Hi anressh sorry for not picking this up again. Did you manage to complete the lab?
Hi SamDickison ! I have also faced with the same problem here. Different instruments were used to generate the hash and still no luck. It would be great to get a hint there.
- SamDickison
I've just requested some help for you 👍
- MaxCucchi
Community Support
Hi eugene!
For this lab task, I recommend following the link to CyberChef shared at the bottom of the lab's Briefing in the text box labeled "Hash generation."
This link will direct you to the CyberChef web application, where the script has been pre-filled for you. As a hint, I suggest looking for the Output in CyberChef based on the script that has been filled in.I hope that this helps out 😊
