Ask HN: Encryption for blog posts on static sites?
Is there a simple way to add encryption to a static site (e.g. hugo, jekyll etc.) and it can be decrypted on the browser without a backend?
This would be for something like a personal journal or close-friends only blog posts while keep the rest of the site open.
14 comments
[ 3.9 ms ] story [ 45.2 ms ] threadLet's say I have a blog post. I want it scrambled (encrypted) unless a password is entered on the client side so it can be read. I would give out the password to specific people only, who'd be able to read it.
Could an SSL certificate be used for that?
But why not this: publish the blog post the normal way and configure the web server to only serve it to people with a proper username/password (HTTP Basic Authentication).
All browsers and web servers let you do that.
For Apache, see this example: https://httpd.apache.org/docs/current/howto/htaccess.html#au...
To clarify, it would be a static site with hosting on something like netlify or github or gitlab pages, where you don't have access to the server.
However, I'm looking for something without vendor lock-in. So moving to AWS or github pages won't affect functionality.
That said, I'm using the Stanford JavaScript Crypto Library on https://github.com/gabrielsroka/gabrielsroka.github.io/blob/...
What about authentication? Maybe putting it on a Google doc and sharing it with certain people?
The crypto library and the html snippet are helpful, thanks!
You could agree on a source text with your friends in an out-of-band way, then everyone just has to go and download whatever book/song/etc that you agree on in order to decode your articles.
Anybody who isn't 'in-the-know' will just see gibberish.
[1] https://github.com/rw/plainsight