Skip to content

CLOUDCOOKCH/ClippyTrippy2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.github/workflows
.github/workflows
 
 
.gitattributes
.gitattributes
 
 
README.md
README.md
 
 
app.js
app.js
 
 
index.html
index.html
 
 
lzstring.js
lzstring.js
 
 
qrcore.js
qrcore.js
 
 
styles.css
styles.css
 
 
words.js
words.js
 
 

Repository files navigation

Clippy the Flippy

Client-only, static website for secure clipboard and secret sharing.

  • End-to-end encryption in your browser using Web Crypto (AES‑GCM 256).
  • Share via link: ciphertext and IV live in the URL fragment. Optionally include the key in the link, or split it to share separately.
  • Passphrase mode using PBKDF2‑SHA256 with a random salt and 210k iterations.
  • Password generator with customizable character sets.
  • Readable passwords: pronounceable mode and option to exclude ambiguous characters.
  • Segmented patterns: generate hyphenated formats via a pattern like 5l-1d6l-6d-6l (e.g., wagas-6dfdsfs-345345-dfgdfg). Tokens: l lower, u upper, d digit, s symbol, a letter, n alphanumeric.
  • Word tokens: enable “Use words in pattern (w/W)” and include w for a lowercase word or W for a capitalized word. You can also prefix a number (e.g., 6w) to prefer word length ≈ 6.
  • Compression toggle: Optionally compress plaintext before encrypting for shorter links (stored as z=1 in the fragment; decompressed client-side).
  • URL length meter: Shows approximate link size vs. 2000-char comfort threshold.
  • Entropy meter: Estimates entropy for generated passwords and flags weak patterns.
  • No servers, no tracking. All crypto happens locally.

Quick Start

  • Open index.html directly in your browser, or serve the folder with any static server.
  • Compose a secret, choose a mode, click “Encrypt & Create Link”.
  • Share the link (and key separately if you chose split mode). The receiver opens the link here and clicks “Decrypt”.

Link Format

Data lives in the URL fragment after # and is never sent to a server.

  • Common params: v=1&alg=A256GCM&iv=<b64u>&ct=<b64u>
  • Link-key mode: additionally k=<b64u> unless split mode is used
  • Passphrase mode: ph=1&s=<b64u>&it=210000 (receiver enters passphrase)

Base64URL encoding is used for binary fields.

Security Notes

  • Anyone holding both ciphertext and the key (or the passphrase) can decrypt. Split the key from the link to reduce risk.
  • Do not paste links into untrusted sites. Avoid URL shorteners.
  • “Burn Link” removes the fragment from your current URL and history entry, but cannot erase copies sent elsewhere.
  • Browser features and extensions can impact security. For highly sensitive data, verify your environment.

Develop

This is a static site: no build needed. Edit files and refresh.

  • index.html — UI markup
  • styles.css — styling
  • app.js — crypto, link flow, generator
  • qrcore.js — QR placeholder (disabled to avoid leaking secrets)

You can serve locally, e.g. with python -m http.server or npx serve. Or open index.html directly.

License

MIT (optional for your project needs)

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages