Hi Thomas, Thank you for the release:
* Although it didn't work in my first test it makes a good first impression (GMal, no replacement of encrypted content or (after reload) "Error! Could not read this encrypted message") * I also created the first issue on GitHub (just added another minor one) * I would suggest to include the libraries (e.g. OpenPGP.js as git submodules) Best regards, Alex On 24.08.2012, at 23:19, Thomas Oberndörfer <[email protected]> wrote: > > Hi, > > I'm quite excited to announce that Mailvelope is now available in the Chrome > Web Store: > https://chrome.google.com/webstore/detail/kajibbejlbohfaggdiogboambcijhkke > > Sources are on github: > https://github.com/toberndo/mailvelope > > Well, internally I started this project in March. As I have already mentioned > in a previous post > the idea was to build a generic solution that works independent of a specific > Webmail provider. > > So I scan the page on PGP header information and then inject "frames" that > are displayed on top > of the PGP text. This is then my area for the password dialog. > > Challenging of course is the positioning of these areas. It currently is > tested for the providers: > > - Gmail > - Yahoo > - Outlook.com > - GMX > > New Webmail providers can be added to the "Watch List" and are then also > included in the scanning process. > This is done with the browser action "Add page": all iframes of the current > tab are retrieved, added to the watch > list, and this information is then used to inject the content scripts. > > As this is configurable, I can not rely on the automatic injection of content > scripts and have to do this programmatically. > Unfortunately Chrome allows only to inject into all_frames or none. And you > have to inject on each web request as this > can be the source of newly created iframes. As my content script relies on > jQuery it tends to be a big fat and yahoo with > its endless iframes went up to alarming memory consumption after some 20 > clicks. > > The solution was to inject a small bootstrap code that first checks if the > iframe should be scanned and if yes loads the > content script code and evals it in place. > > I was already nearly finished when Chrome released 21 and dropped support for > manifest version 1 as Jim already mentioned. > The key grid in the options is a Kendo UI component and these rely on new > Function() which is not allowed anymore for extensions. > The whole options page therefore had to be put into a sandbox and > communicates with the extension via window.postMessage. > > Just some highlights on the way... > > What is currently not supported is signing and verification of messages. > Documentation is also basically non-existent. > > Also a really missing feature is key export, which I want to add next. > > I hope I find some happy testers on this list. Especially interesting would > be to verify new Webmail providers. I would add these > then to the watch list and ship with the next update. > > Thanks everybody who contributed to OpenPGP.js and made this project > possible. > > Best regards, > Thomas > > > > > > > > > _______________________________________________ > > http://openpgpjs.org
