Secure Storage in http (insecure) websites

[stefroussos]

Hello,
Since the Web Crypto API only works secure contexts (HTTPS), I get this error TypeError: Cannot read properties of undefined (reading 'importKey') in http websites. This could also result in throttling errors like Error: This request exceeds the MAX_WRITE_OPERATIONS_PER_MINUTE quota.. What's the best approach to store keys in such contexts? 1. Just use regular storage, 2. Use regular storage with crypto-js encryption, 3. Drop support for insecure websites? 4. Other.

Thanks

[louisgv]

You can also detect whether it's HTTP or HTTPS, and swap your storage instance accordingly - if it's HTTPS, use SecuredStorage, if it's HTTP, use plain Storage.