Skip to main content

Search

Items tagged with: authentication


Content warning: Twitter


Small Web sites will require JavaScript to sign in.

Why?

To protect your privacy.

We use public-key authentication (which I’m implementing as we speak) so your secret is never stored on the server and you only enter it in places you own and control.

(I can already see some folks up in arms about this because JavaScript Bad™ so I just checked in the initial copy for the page that gets displayed if JavaScript is off.)

#SmallWeb #Kitten #SmallTech #JavaScript #cryptography #authentication
Screenshot of https://localhost/sign-in in a browser. Web page contents follow:

Title: Sign-in requires JavaScript

Heading: What should I do?

Strong: Please turn JavaScript on in your browser.

If you’re using a browser extension like JavaScript Toggle On and Off (link), please make sure that it’s toggled on.

Heading: Why?

Strong: To protect your privacy.

Your secret is yours and yours alone. You should only enter and store it in places that you (and you alone) own and control.

While your browser runs on your machine and is in your control, your server might be hosted by someone else. So your server never knows or stores your secret.

In case you’re interested in the technical details, signing in makes use of public-key cryptography (link).

Heading: But isn’t all JavaScript evil?

No.

Like all code, it depends on who owns and controls it and what it does.

This is a Small Web (link) site powered by Kitten (link). All the JavaScript here is free and open. You own and control this site and all of the code that powers it works to protect your interests and your interests alone.

Este sitio web utiliza cookies. Si continúa navegando por este sitio web, usted acepta el uso de las cookies.