Just for fun, let's encrypt some stuff in client-side JavaScript and have a PHP server decrypt it. Note that this will never replace TLS (HTTPS).
...
For further actions, you may consider blocking this person and/or reporting abuse
Shouldn't sendEncryptedMessage() function send content of encrypted variable in JSON? Currently in example it sends unencrypted message.
Yep! That was a pasto. I originally stored the ciphertext in
messagethen refactored it to make it easier to read.Nice post.
Is there any way to add random key for each request? Because keeping the same key is not secured right?