Hi, I'm quite excited to announce that Mailvelope is now available in the Chrome Web Store: https://chrome.google.com/webstore/detail/kajibbejlbohfaggdiogboambcijhkke
Sources are on github: https://github.com/toberndo/mailvelope Well, internally I started this project in March. As I have already mentioned in a previous post the idea was to build a generic solution that works independent of a specific Webmail provider. So I scan the page on PGP header information and then inject "frames" that are displayed on top of the PGP text. This is then my area for the password dialog. Challenging of course is the positioning of these areas. It currently is tested for the providers: - Gmail - Yahoo - Outlook.com - GMX New Webmail providers can be added to the "Watch List" and are then also included in the scanning process. This is done with the browser action "Add page": all iframes of the current tab are retrieved, added to the watch list, and this information is then used to inject the content scripts. As this is configurable, I can not rely on the automatic injection of content scripts and have to do this programmatically. Unfortunately Chrome allows only to inject into all_frames or none. And you have to inject on each web request as this can be the source of newly created iframes. As my content script relies on jQuery it tends to be a big fat and yahoo with its endless iframes went up to alarming memory consumption after some 20 clicks. The solution was to inject a small bootstrap code that first checks if the iframe should be scanned and if yes loads the content script code and evals it in place. I was already nearly finished when Chrome released 21 and dropped support for manifest version 1 as Jim already mentioned. The key grid in the options is a Kendo UI component and these rely on new Function() which is not allowed anymore for extensions. The whole options page therefore had to be put into a sandbox and communicates with the extension via window.postMessage. Just some highlights on the way... What is currently not supported is signing and verification of messages. Documentation is also basically non-existent. Also a really missing feature is key export, which I want to add next. I hope I find some happy testers on this list. Especially interesting would be to verify new Webmail providers. I would add these then to the watch list and ship with the next update. Thanks everybody who contributed to OpenPGP.js and made this project possible. Best regards, Thomas
_______________________________________________ http://openpgpjs.org
