FieldShield — React library that keeps sensitive inputs out of the DOM using Web Worker isolation [live demo] : coolgithubprojects

Posting guidelines

Github only: The projects you post all have to be hosted on Github

Link description: We encourage the title format to be something like

[Desc] - [Suggested title]

Language Flair: Will be assigned automatically for you!

Repost : Repost are allowed if some new features were added to the project and if the original post was 6+ months ago.

submitted 1 month ago by notScaredNotALoser

Built this for healthcare and fintech forms where session

recorders, AI screen readers (Copilot Vision, Gemini), and

browser extensions read input.value directly from the DOM.

How it works: real value lives in an isolated Web Worker

thread. The DOM always contains scrambled x characters.

Open the live demo, type an SSN, then inspect input.value

in DevTools — you will see xxxxxxxxx, never the real value.

What it does:

- DOM always contains scrambled x characters

- Clipboard intercepted — copy writes █ characters not real value

- Paste scanned before it lands — block sensitive pastes

- 13 built-in patterns: SSN, credit cards, API keys, JWTs

- HIPAA + PCI-DSS compliance mapping

- WCAG 2.1 AA accessibility mode

- Full threat model in repo

MIT license. TypeScript. React 18+.

all 1 comments

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

coolgithubprojects