From 16854e8b24a3b00d9d5dbd285bbe3b93ee47ce1c Mon Sep 17 00:00:00 2001 From: Gab Virebent Date: Mon, 6 Jul 2026 16:34:47 +0200 Subject: Guard key material in RAM with memguard, add Markdown preview for message field Reader now keeps the private key bytes and the per-submission ECDH/HKDF secrets in memguard.LockedBuffer (mlock + guaranteed wipe) instead of a manual zero loop. Added a regression test for the decrypt path. Message field gets a self-hosted Markdown toggle preview (no external library): headers, bold/italic, inline code, code blocks, blockquotes, lists, links. Output is HTML-escaped and link schemes are whitelisted before rendering. Submitted content is still the raw Markdown source, unchanged on the wire. --- static/crypto.js | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'static/crypto.js') diff --git a/static/crypto.js b/static/crypto.js index f1cc6c9..e196826 100644 --- a/static/crypto.js +++ b/static/crypto.js @@ -161,6 +161,13 @@ document.getElementById("drop-form").addEventListener("submit", async (e) => { if (resp.ok) { document.getElementById("drop-form").reset(); document.getElementById("filename").textContent = ""; + const preview = document.getElementById("message-preview"); + const previewToggle = document.getElementById("preview-toggle"); + if (preview && previewToggle && !preview.hidden) { + preview.hidden = true; + document.getElementById("message").hidden = false; + previewToggle.textContent = "Preview"; + } status.textContent = "Delivered. No record of this submission exists on the server."; } else { status.className = "error"; -- cgit v1.2.3