10
End-To-End Encrypted (EE2E) Websites?
(lemmy.world)
Welcome to the web development community! This is a place to post, discuss, get help about, etc. anything related to web development
Web development is the process of creating websites or web applications
Some webdev blogs
Not sure what to post in here? Want some web development related things to read?
Heres a couple blogs that have web development related content
That's a completely different use case then, and the solution is Tor, proxies, ShadowSocks, vpn-ws.
But if you can't HTTPS, it's weird that you'd be able to do a VPN in the first place. HTTP only is super rare outside of China, and most places HTTPS would be blocked, VPNs are even more blocked
I mean technically you could encrypt most of the stuff client-side but you have to keep in mind the browser loading JavaScript over HTTP is still insecure and it would be easy to modify the script to also send the key to your attacker. There's nothing you can do that would be better than what the browser can do.
The only way to make it safe is to not have a web application. The code must already be on your device in a state you trust to be able to trust anything else that depends on it.
An easy fix might be to configure your browser to use your server as a plain HTTP proxy, which will issue CONNECT commands for HTTPS automatically, and now you're in HTTPS world and you're good.