Originally Posted by Old Pedant
Yeah, I got beaten up on this a while back.
You can easily have the encrypted text and the JS decryption sitting right there and it does no good without the keyword/password.
It *IS* true, though, that you can't store both the encrypted text and the password on the JS page. Which is what I was trying to say before I got beaten up. <grin/>
Now... So what? What good does it do to be able to require the right password in order to show some encrypted text? I think at that point, you probably are back to Philip's argument: The only USEFUL thing to do with the decrypted text is to have it be a URL and so you then jump to that URL.
You *could* encrypt the entire HTML content of the page, but that seems like a wrongheaded concept. Difficult to maintain, to say the least.
Could you apply phillip's way of doing it as the encryption for the js link.
<form name="input" action="html_form_action.asp" method="get">
<input type="submit" value="Submit" />
var x = document.input.user.value
<noscript> <script src = <script> document.write(x)</script>></noscript>
There is probably a lot of flawed code in here but i hope the concept is valid.