Nico Pr
URLock
Share encrypted data via URL #hash
⚠️ Testing only
- No data is ever sent to server
- Password is not stored anywhere
- Lightweight 5KB vanilla JS + 3.5KB CSS
Security#
Encrypted payload lives in the URL fragment, anyone who has the link can attempt to brute-force it indefinitely.
A random password is automatically generated if field is left empty (based on nanoid).
Dataflow#
Input -> GZIP compression -> AES encryption -> B64 encoding -> Share
Chromium based browsers enforce a 512KB hard limit when pasting text into the address bar, URL-safe Base64 increases size by 33%, 512KB / 1.33 ≈ 393KB raw binary capacity. If compressed data size is over 393KB, output size will exceed 512KB, get truncated upon pasting, and fail to decrypt.
Tests#
Lorem Ipsum
password : lorem
200KB JPG file
password : test