diff options
author | Laurent Ghigonis <laurent@p1sec.com> | 2013-06-16 23:43:46 +0200 |
---|---|---|
committer | Laurent Ghigonis <laurent@p1sec.com> | 2013-06-16 23:43:46 +0200 |
commit | 822ee47e0a79e100b42ca08ba8a4ebcef5d6b157 (patch) | |
tree | 7790dc76745e38c932e3f4f5220635b4349f63e4 /jsaccess/README.txt | |
parent | jsaccess: css (diff) | |
download | laurent-tools-822ee47e0a79e100b42ca08ba8a4ebcef5d6b157.tar.xz laurent-tools-822ee47e0a79e100b42ca08ba8a4ebcef5d6b157.zip |
jsaccess: advise to use https to protect client targeted attacks
Diffstat (limited to 'jsaccess/README.txt')
-rw-r--r-- | jsaccess/README.txt | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/jsaccess/README.txt b/jsaccess/README.txt index 45102bf..da1dc5c 100644 --- a/jsaccess/README.txt +++ b/jsaccess/README.txt @@ -2,6 +2,11 @@ jsaccess - download and decrypt files in the browser 2013, Laurent Ghigonis <laurent@gouloum.fr> Provide protected access to files on a web server without htaccess or https. +The files are stored AES256 encrypted on the server, and decrypted on download +in the web browser. + +You should still use https to protect against client targeted attacks like +mitm on the javascript code or mitm on the encrypted archives. $ git clone git://git.zx2c4.com/laurent-tools $ cd laurent-tools/jsaccess/ |