A look at how browser-based utilities process everything locally, why that matters for privacy, and how to tell when a tool really runs client-side.
Most online utilities send your input to a server to do their work. Client-side tools take a different path: the logic runs in your browser, so the data you paste, type, or upload never leaves your device.
What “client-side” actually means
When a tool is client-side, the page loads a small program written in JavaScript or WebAssembly, and that program does the work on your machine. There is no round trip to a backend for the core operation.
You can usually confirm this in two ways:
- Open your browser’s network panel and watch for requests while you use the tool. A client-side tool makes no request carrying your input.
- Disconnect from the network after the page loads. A truly local tool keeps working.
Why it matters
Keeping processing local has a few concrete benefits:
- Confidentiality — sensitive text, keys, and files stay with you.
- Speed — there is no upload step, so results are instant.
- Resilience — the tool works offline once the page is cached.
A quick example
Hashing a string is a good illustration. The browser can compute a digest directly:
const data = new TextEncoder().encode('hello world');
const digest = await crypto.subtle.digest('SHA-256', data);
const hex = [...new Uint8Array(digest)]
.map((b) => b.toString(16).padStart(2, '0'))
.join('');
console.log(hex);Nothing in that snippet talks to a server — the digest is produced on your device and stays there.
How to verify a tool
Before trusting any utility with sensitive input, check the network panel, try it offline, and read the page’s privacy description. Tools that process locally will say so plainly and will keep working with the network disabled.