Pen Settings

HTML

About HTML Preprocessors

HTML preprocessors can make writing HTML more powerful or convenient. For instance, Markdown is designed to be easier to write and read for text documents and you could write a loop in Pug.

Learn more · Versions

Adding Classes

In CodePen, whatever you write in the HTML editor is what goes within the <body> tags in a basic HTML5 template. So you don't have access to higher-up elements like the <html> tag. If you want to add classes there that can affect the whole document, this is the place to do it.

About the <head>

In CodePen, whatever you write in the HTML editor is what goes within the <body> tags in a basic HTML5 template. If you need things in the <head> of the document, put that code here.

!
Insecure Resource

The resource you are linking to is using the 'http' protocol, which may not work when the browser is using https.

CSS

About CSS Preprocessors

CSS preprocessors help make authoring CSS easier. All of them offer things like variables and mixins to provide convenient abstractions.

Learn more · Versions

CSS Base

About CSS Base

It's a common practice to apply CSS to a page that styles elements such that they are consistent across all browsers. We offer two of the most popular choices: normalize.css and a reset. Or, choose Neither and nothing will be applied.

Vendor Prefixing

About Vendor Prefixing

To get the best cross-browser support, it is a common practice to apply vendor prefixes to CSS properties and values that require them to work. For instance -webkit- or -moz-.

We offer two popular choices: Autoprefixer (which processes your CSS server-side) and -prefix-free (which applies prefixes via a script, client-side).

Add External Stylesheets/Pens

Any URLs added here will be added as <link>s in order, and before the CSS in the editor. You can use the CSS from another Pen by using its URL and the proper URL extension.

Powered by Algolia
About External Resources

You can apply CSS to your Pen from any stylesheet on the web. Just put a URL to it here and we'll apply it, in the order you have them, before the CSS in the Pen itself.

You can also link to another Pen here (use the .css URL Extension) and we'll pull the CSS from that Pen and include it. If it's using a matching preprocessor, use the appropriate URL Extension and we'll combine the code before preprocessing, so you can use the linked Pen as a true dependency.

Learn more

+ add another resource

JavaScript

About JavaScript Preprocessors

JavaScript preprocessors can help make authoring JavaScript easier and more convenient.

Learn more · Versions

Babel includes JSX processing.

Add External Scripts/Pens

Any URL's added here will be added as <script>s in order, and run before the JavaScript in the editor. You can use the URL of any other Pen and it will include the JavaScript from that Pen.

Powered by Algolia
About External Resources

You can apply a script from anywhere on the web to your Pen. Just put a URL to it here and we'll add it, in the order you have them, before the JavaScript in the Pen itself.

If the script you link to has the file extension of a preprocessor, we'll attempt to process it before applying.

You can also link to another Pen here, and we'll pull the JavaScript from that Pen and include it. If it's using a matching preprocessor, we'll combine the code before preprocessing, so you can use the linked Pen as a true dependency.

Learn more

+ add another resource

Packages

Add Packages

Search for and use JavaScript packages from npm here. By selecting a package, an import statement will be added to the top of the JavaScript editor for this package.

Powered by Algolia
About Packages

Using packages here is powered by esm.sh, which makes packages from npm not only available on a CDN, but prepares them for native JavaScript ESM usage.

All packages are different, so refer to their docs for how they work.

If you're using React / ReactDOM, make sure to turn on Babel for the JSX processing.

Behavior

Auto Save

If active, Pens will autosave every 30 seconds after being saved once.

Auto-Updating Preview

If enabled, the preview panel updates automatically as you code. If disabled, use the "Run" button to update.

Format on Save

If enabled, your code will be formatted when you actively save your Pen. Note: your code becomes un-folded during formatting.

Editor Settings

Code Indentation

Want to change your Syntax Highlighting theme, Fonts and more?

Visit your global Editor Settings.

HTML 

              
                <input type="text" class="enc_password" size="100" placeholder="Password"><br>
	<textarea class="enc_message" rows="4" cols="50" placeholder="Message"></textarea><br>
	<a href="#" class="encrypt">Encrypt</a>

	<hr>

	<input type="text" class="dec_password" size="100" placeholder="Password"><br>
	<textarea class="dec_message"  rows="4" cols="50" placeholder="Message"></textarea><br>
	<a href="#" class="dencrypt">Dencrypt</a>
!

CSS 

              
                body {
  font-family: system-ui;
  background: #fff;
  text-align: center;
}

input,
textarea{
  width: 500px !important;
}

textarea{
  height: 300px;
}

.encrypt, 
.dencrypt{
  padding: 5px 10px;
  background: #333;
  border-radius: 10px;
  color: #fff;
}
!

JS 

              
                async function encryptMessage(message, password) {
		// Convert strings to Uint8Arrays.
		const encoder = new TextEncoder();
		const passwordBytes = encoder.encode(password);
		const messageBytes = encoder.encode(message);

		// Generate a random salt for key derivation.
		const salt = crypto.getRandomValues(new Uint8Array(16));

		// Import the password as key material.
		const keyMaterial = await crypto.subtle.importKey(
			'raw',
			passwordBytes,
			{ name: 'PBKDF2' },
			false,
			['deriveKey']
		);

	// Derive an AES-CBC key using PBKDF2.
		const key = await crypto.subtle.deriveKey(
			{
			name: 'PBKDF2',
			salt: salt,
			iterations: 100000, // A higher count means better security but slower performance.
			hash: 'SHA-256'
			},
			keyMaterial,
			{ name: 'AES-CBC', length: 256 },
			false,
			['encrypt']
		);

	// Generate a random Initialization Vector.
		const iv = crypto.getRandomValues(new Uint8Array(16));

		// Encrypt the message.
		const encryptedContent = await crypto.subtle.encrypt(
			{
			name: 'AES-CBC',
			iv: iv
			},
			key,
			messageBytes
		);

		// Combine salt, IV, and ciphertext into a single Uint8Array.
		const saltLength = salt.byteLength;
		const ivLength = iv.byteLength;
		const ciphertext = new Uint8Array(encryptedContent);
		const combined = new Uint8Array(saltLength + ivLength + ciphertext.byteLength);

		combined.set(salt, 0);
		combined.set(iv, saltLength);
		combined.set(ciphertext, saltLength + ivLength);

		// Convert combined data to a Base64 string.
		const base64String = btoa(String.fromCharCode(...combined));
		return base64String;
	}

	async function decryptMessage(encryptedBase64, password) {
		// Convert the Base64 string back into a Uint8Array.
		const combined = Uint8Array.from(atob(encryptedBase64), c => c.charCodeAt(0));

		// Extract the salt (first 16 bytes), IV (next 16 bytes), and ciphertext (remaining bytes).
		const salt = combined.slice(0, 16);
		const iv = combined.slice(16, 32);
		const ciphertext = combined.slice(32);

		// Encode the password as Uint8Array.
		const encoder = new TextEncoder();
		const passwordBytes = encoder.encode(password);

		// Import the password as key material.
		const keyMaterial = await crypto.subtle.importKey(
			'raw',
			passwordBytes,
			{ name: 'PBKDF2' },
			false,
			['deriveKey']
		);

		// Derive the same AES-CBC key using PBKDF2 (must use the same salt, iterations, and hash).
		const key = await crypto.subtle.deriveKey(
			{
			name: 'PBKDF2',
			salt: salt,
			iterations: 100000,
			hash: 'SHA-256'
			},
			keyMaterial,
			{ name: 'AES-CBC', length: 256 },
			false,
			['decrypt']
		);

		// Decrypt the ciphertext.
		const decryptedContent = await crypto.subtle.decrypt(
			{
			name: 'AES-CBC',
			iv: iv
			},
			key,
			ciphertext
		);

		// Convert the decrypted bytes back into a string.
		const decoder = new TextDecoder();
		return decoder.decode(decryptedContent);
	}

	$(document).on('click', 'a.encrypt', function(e) {
		e.preventDefault(); 

		var password = $('.enc_password').val();
		var message = $('.enc_message').val();

		encryptMessage(message, password).then(encrypted => set_enc_message(encrypted)).catch(err => console.error("Encryption error:", err));
	});

	function set_enc_message(message){
		$('.dec_message').val(message);
	}

	$(document).on('click', 'a.dencrypt', function(e) {
		e.preventDefault(); 

		var password = $('.dec_password').val();
		var message = $('.dec_message').val();

		decryptMessage(message, password).then(plaintext => set_dec_message(plaintext)).catch(err => console.error("Decryption error:", err));
	});

	function set_dec_message(message){
		$('.dec_message').val(message);
	}
!
999px

Console