Robin Moisson

Hey @patrulea that's a neat idea - I won't have time to work on this for a few weeks, I'll try to get to in October. Thanks for the suggestion.

Hi, thanks for the report, I'm trying to get what you're doing exactly. From what I understand, you cloned the repository on your local machine and opened the `index.html` file...

So: - you encrypt your file on StatiCrypt and you download the protected file (say, `index_encrypted.html`) - you open that file in your browser and it opens fine - you...

Trying to understand if this is still an issue and what happens here - is the error thrown 1. when you clone this repo and open the index.html to encrypt,...

Re-reading the issue - it looks like the original problem was encrypting a file that points toward external resources without a fully qualified domain name + protocol (eg ``). If...

Thank you for opening the issue - and sorry for taking so so long to write back. CBC being the default on a popular crypto library it felt safe enough...

Added thoughts on the malleability attack: we do sign the ciphertext with an HMAC, so this should guarantee data integrity. An attacker could remove that check happening client side but...

Hi, If I understand correctly you are pushing a blank `.staticrypt.json` file at the root of your project? Then I believe this is the problem: this file needs to be...

Hi, not at the moment as it's not really the main use case. The idea is to produce a standalone html file that can be unlocked by a human through...

Thank you all for sharing thoughts on this. I agree in some cases it could be pretty convenient to have one simple repo with encrypted files, have an ignored `.env`...