Yeah, I got beaten up on this a while back.
You can easily have the encrypted text and the JS decryption sitting right there and it does no good without the keyword/password.
It *IS* true, though, that you can't store both the encrypted text and the password on the JS page. Which is what I was trying to say before I got beaten up. <grin/>
Now... So what? What good does it do to be able to require the right password in order to show some encrypted text? I think at that point, you probably are back to Philip's argument: The only USEFUL thing to do with the decrypted text is to have it be a URL and so you then jump to that URL.
You *could* encrypt the entire HTML content of the page, but that seems like a wrongheaded concept. Difficult to maintain, to say the least.
An optimist sees the glass as half full.
A pessimist sees the glass as half empty.
A realist drinks it no matter how much there is.