πŸ”’ StaticSecure: A decent way to password-protect your Glitch project


StaticSecure allows you to encrypt text/webpages (and hopefully later files) without a server. I have made documentation at the link below.
Here is an example of how it works. The source of that page is here.
This is basically how it works:

  1. You would encrypt a file, some text, or HTML using AES encryption here
  2. When a user comes to the webpage, they must have a decyption key, eg: ?key=[PASSWORD]. The key is in the URL as a query paramater.
  3. If the key is correct, the text is decrypted. If it is wrong, It shows nothing, or throws an error.

You can learn more about it/download it here: https://staticsecure.glitch.me

Edit: I made updates to the post because I didn’t really explain that much and @wh0 asked me to change it so thanks!

3 Likes

So it will hide all HTML content if the key is incorrect?

Yes. It might throw an error of β€œMalformed UTF-8 text” if it is incorrect.

1 Like

Oooh, cool!

Thanks!
(10char)

1 Like

REHeader has uses other than generating README headers, I guess.

Hey, what would stop someone from sending a bunch of requests testing different passwords?

Lol I guess so

Nothing. It is a static site. However, it would probably be best to choose a strong password.

It would be nice if a cli was included with the program so you don’t have to google a random AES encryptor

https://staticsecure.glitch.me/encrypt.html

but that involves downloading the file and then reuploading. With a program you can encrypt all the files pretty quickly and possibly in parellel. If you want to stick to the web I suggest you do encryption in a web worker.
A small issue is that it breaks on slightly bigger files(i put in ffmpeg.exe for some reason)


The main issue here is that since the files are encrypted not even glitch can decrypt them. What’s to stop someone from using this to share something against TOS using this. Maybe we can put a copy of the password in .env if the glitch team thinks the files are suspcious

At least you don’t need to download anything.

It’s designed for smaller things.

Ok.

this is awesome!!!

2 Likes

Thanks!
(10char)

1 Like

haha - i saw the lock emoji and thought β€œwhy is this thread locked?”

6 Likes

Ok, in the next version, Things will be loaded from URLs instead of direct strings because trying to keep strings in HTML files will kill memory.

The problem with that is there’s a 2000 character limit in the standard


which is fine when you want to store pictures of 8 bit art but not really practical for entire webpage.

No, I thought it was 4100.

The problem with what? Loading from a url?

oh nvm it sounded like you were loading from the url parameters

2 Likes