But then it's not self contained and every time you want to access the archive you also need a program that can decrypt/encrypt that format. Using a self-contained HTML file means it's currently the most portable way to encrypt something and have it available anywhere you can get the file on.
By the way, I don't advocate for this idea. But still, I find it a pretty ingenious way to store encrypted data portably. Essentially what is happening is the file contains the encrypted data and the algorithm to decrypt it with the correct passphrase/key.
> you also need a program that can decrypt/encrypt that format
that's just a self-extracting archive, which is a very common idea and easily created as well (very popular with both shareware distribution).
The problem is that you have to trust the extracting code to not install anything else malicious. The browser provides the perfect sandbox - you cannot install malware into the system via javascript in the browser, and thus you can trust it to run.
And you have to trust that running processes on dish aren't going to make a copy of it. Or that it won't end up stuck in the cache. This is (theoretically) only decrypted in memory (your browser may save a preview image of the tab, I believe Firefox mobile does this, not sure about desktop browsers)
Also, your self-extracting archive isn't platform independent, and likely can't be used at all on mobile platforms (iOS, Android) that don't offer to trying anyway files ootb (and are probably the wrong architecture anyways)
By the way, I don't advocate for this idea. But still, I find it a pretty ingenious way to store encrypted data portably. Essentially what is happening is the file contains the encrypted data and the algorithm to decrypt it with the correct passphrase/key.