<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="Content-Security-Policy" content="script-src 'sha256-OBpkpZD3ME366d9wfdsWwYSvYORUMfT+bvUVI5XJzBw=' 'sha256-6VVrnAGI98OnlK9Y20hAMwfwBE8c8FOtE/jDYM7tPFk='">
<script>
if (window.testRunner)
testRunner.dumpAsText();
</script>
<!-- The following two scripts contain two separate code points (U+00C5
and U+212B, respectively) which, depending on your text editor, might be
rendered the same. However, their difference is important as they would
be NFC normalized to the same code point, matching the hash. Since NFC
normalization should not be performed, the second script should not
match the hash and must not be executed. -->
<script data-alert="PASS (1/1)">
'Å';
alert(document.currentScript.dataset.alert);
</script>
<script data-alert="FAIL">
'Å';
alert(document.currentScript.dataset.alert);
</script>
</head>
<body>
<p>
This tests Unicode normalization. While appearing the same, the
strings in the scripts are different Unicode points. Unicode NFC
normalization would make both match the hash, but normalization
should not be performed, and so the second script should not run.
</p>
</body>
</html>
Codebase Browser
chromium