<!DOCTYPE html>
<html>
<head>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jshashes/1.0.7/hashes.min.js"></script>
<script src="https://code.jquery.com/jquery-3.3.1.min.js" integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=" crossorigin="anonymous"></script>
</head>
<body>
<script>
function checkBreachedPassword() {
var password = document.getElementById("pass").value;
var passwordDigest = new Hashes.SHA1().hex(password);
var digestFive = passwordDigest.substring(0, 5).toUpperCase();
var queryURL = "https://api.pwnedpasswords.com/range/" + digestFive;
var checkDigest = passwordDigest.substring(5, 41).toUpperCase();
var result;
$.ajax({
url: queryURL,
type: 'GET',
async: false,
success: function(res) {
if (res.search(checkDigest) > -1){
result = false;
document.getElementById("result").innerHTML = "Result: Breached"
} else {
result = true;
document.getElementById("result").innerHTML = "Result: Not Breached <redirected>"
}
}
});
return result;
}
</script>
<form action="#" onsubmit="return checkBreachedPassword();" style="margin:auto auto 50px auto;">
Enter password:
<input id="pass" type="password" name="password">
<input type="submit" value="Submit">
</form>
<p id="result">Result: </p>
</body>
</html>