this post was submitted on 31 Aug 2024
168 points (98.8% liked)

Open Source

31020 readers
786 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
168
Staticrypt: Password protect a static HTML page, decrypted in-browser in JS with no dependency. No server logic needed. (github.com)
submitted 2 months ago* (last edited 2 months ago) by [email protected] to c/[email protected]
21 comments fedilink hide all child comments
 

HN discussion: https://news.ycombinator.com/item?id=41404064

Similar tools:

https://github.com/dividuum/html-vault

https://github.com/MaxLaumeister/PageCrypt

https://github.com/a-nau/password-protected-website-template

https://github.com/sowbug/quaid

https://github.com/mprimi/portable-secret

Thanks to @[email protected]

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 12 points 2 months ago

It is not a problem to distribute the decryption algorithm. The question remains against what this will protect. Normal https encrypts the traffic safely during transit. With this, the data is also encrypted on the server. But if you can access the server, you can modify the javascript code to send the password back to a server.

It could be used on something like IPFS, where all data is basically public but you can be sure it hasn't been modified.