pagecrypt

PageCrypt - Password Protected Single Page Applications and HTML files

Easily add client-side password-protection to your Single Page Applications and HTML files.

Inspired by MaxLaumeister/PageCrypt. Thanks for sharing an excellent starting point to create this tool!

Get started

There are 3 different ways to use pagecrypt:

1. CLI

Encrypt a single HTML-file with one command:

npx pagecrypt [input.html] [output.html] [password]

2. Automate pagecrypt in your build process

This allows automated encrypted builds for single page applications

npm i -D pagecrypt

package.json:

{
    "devDependencies": {
        "pagecrypt": "^3.0.0"
    },
    "scripts": {
        "build": "...",
        "postbuild": "pagecrypt index.html encrypted.html password"
    }
}

3. Node.js API

You can also use pagecrypt in your Node.js scripts:

encrypt(inputFile: string, outputFile: string, password: string): Promise<void>

import { encrypt } from 'pagecrypt'

// Encrypt a HTML file and write to the filesystem
await encrypt('input.html', 'output.html', 'password')

encryptHTML(inputHTML: string, password: string): Promise<string>

import { encryptHTML } from 'pagecrypt'

// Encrypt a HTML string and return an encrypted HTML string.
// Write it to a file or send as an HTTPS response.
const encryptedHTML = await encryptHTML(
    `<!DOCTYPE html>
    <html lang="en">
        <head>
            <meta charset="UTF-8">
        </head>
        <body>
            Secret
        </body>
    </html>
`,
    'password',
)

---

Development

The project consists of four parts:

• /web - Web frontend for public webpage (decrypt-template.html). Built using Vite & Tailwind CSS.
• /index.js - pagecrypt main library.
• /cli.js - pagecrypt CLI.
• /test - testing setup

Setup a local development environment

1. Install Node.js >= 15.0.0
2. Run npm install in project root.
3. Install and use mkcert to generate local certificates to enable HTTPS for the development server. For example mkcert localhost 192.168.1.32 to generate a two files ending with *.pem.
4. Update vite.config.js to load the generated *.pem files in the https section.
5. To use npm run serve, also update to the correct *.pem filenames in the npm script.

Testing

npm test will run basic tests for JS API and CLI. Verify results by opening test/out-js.html and test/out-cli.html in your browser.

---

Welcome to submit your pull requests!

Changelog

3.0.0 - 2021-04-24

Features

• Replace node-forge with the standard Web Crypto API - both in Node.js and in browsers.

  • This greatly improves performance, bundle size and security compared to v1.x and v2.x.
  • This allows using the same native code both for encryption in Node.js and decryption in the browser, simplifying the codebase.

• decrypt-template.html file size reduced from 290 KB to 10 KB - (96 % less boilerplate code). This ensures the encrypted page will be the clear majority of the code shipped to the user.

• PBKDF2 default iteration count increased from 1e5 to 2e6, greatly improving security.

Fixes

• Fix #6: Replace vite preview with sirv-cli to fix upstream issue
• Upgrade to Tailwind CSS 2.1.2
• Cleanup web/index.html to reduce unused characters
• Update README with instructions for enabling https for localhost
• Use stronger test password

---