Note:

  1. Run test in an insecure context, e.g. http://example.com/.