This repository contains a userscript that detects inline PGP-encrypted message blocks on a specific domain and decrypts them in place using a private key loaded from a local file and a passphrase stored in the browser session.
The script is designed to be used with browser userscript managers (such as Tampermonkey or Violentmonkey).
userscript.js: The main userscript. It is parameterized by a placeholder string<domain>which must be replaced with the actual target domain before use.configure.sh: Unix shell script that prompts for a domain and replaces all instances of<domain>inuserscript.js.configure.bat: Windows batch script that performs the same replacement using PowerShell.
From the project root (e.g. /home/jack/repos/inline-pgp):
-
Configure the target domain
-
On Linux/macOS:
./configure.sh
-
On Windows (from Command Prompt or PowerShell in this directory):
configure.bat
When prompted, enter the domain (for example
example.com). All occurrences of<domain>inuserscript.jswill be replaced with your value. -
-
Install the userscript
- Open
userscript.jsin your browser. - Use your userscript manager (e.g. Tampermonkey/Violentmonkey) to create a new script and paste the contents of
userscript.js, or drag/drop / import the file if supported.
- Open
- Scans page content for
-----BEGIN PGP MESSAGE----- ... -----END PGP MESSAGE-----blocks. - Provides a small floating control panel to:
- Load an armored private key file for the current browser session.
- Set or change the passphrase (stored only in
sessionStorage). - Toggle auto-decryption on and off.
- Clear key and passphrase from the current session.
- Automatically replaces detected PGP blocks with decrypted plaintext (when possible), or shows a failure indicator if decryption fails.
- The userscript expects
openpgpv5 to be available via the@requiremetadata line. - The code avoids use of
anyin its JSDoc typings and aims to stay lint-clean; after modifyinguserscript.js, run your preferred linter in your environment if applicable.