Hack #89. Syndicate Encrypted Content

Publish sensitive data securely and decrypt it on the fly.

I have a problem. It's actually a pretty common problem. I have data that I want to syndicate to myself, but I don't want you to see it. It's private. Now this data could be my credit card balance, my Google AdSense earnings, or internal bug reports for the day job. Whatever it is, I want the information in a form suitable for syndication but not available to everyone.

There is a solution. I could password-protect my feed. But that causes a problem, because my aggregator would then need to know my password. Now, my aggregator of choice is Bloglines, and I'm sure they're nice folks, but I really don't want to give them my password. One security breach, and my credit card history will be splattered across the Web.

The solution is to have a user script that detects the encrypted content and, using the right key, decrypts the encrypted content. I can continue to use Bloglines to poll the feed and present me with new items as they appear, but the decryption is done in my browser.

So, here is the whole scenario:

  1. My content, which is going to sit inside the description element of an RSS feed, is going to be encrypted.

  2. That feed is syndicated.

  3. I will subscribe to that feed in Bloglines (or any other web-based aggregator).

  4. When I view items in that feed in Bloglines, the description is initially displayed encrypted, but the Greasemonkey script detects the encrypted content and decrypts it on the fly ...

Get Greasemonkey Hacks now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.