This page loads app.js, which contains intentional test secrets
(a verified basic-auth URI, a fake token, and a throwaway private key).
With the SecretsHunter extension installed and rvsela.com in its scope,
visiting this page should make the extension send app.js to the engine and
report the findings in the popup.
All secrets here are non-sensitive test data. Safe to scan.