Why I built tmpdrop: a self-hosted, expiring file drop
The article discusses the creation of tmpdrop, a self-hosted file drop service designed to address privacy concerns with public file hosts. It highlights the issues of file retention, predictable URLs, and security vulnerabilities that can arise from using such services. The author explains how tmpdrop mitigates these risks by implementing features like unguessable URLs, a time-to-live for uploads, and enhanced security measures.
- ▪Tmpdrop is a self-hosted file drop service built to ensure privacy and security for temporary file sharing.
- ▪The service features unguessable URLs, a TTL for uploads, and a content security policy to prevent XSS attacks.
- ▪It was also adapted for use as a clipboard for an AI coding agent, allowing for seamless file transfers without third-party involvement.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3950932) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } Kin Pan Ho Posted on May 29 Why I built tmpdrop: a self-hosted, expiring file drop #node #opensource #ai #security I had a screenshot to send. Nothing secret — a stack trace from a side project — but it had an internal hostname, a file path with my username, and a chunk of a config file in the terminal behind it. The fast move is to drag it onto a free image host and paste the link. I sat there with my cursor over the upload button and couldn't do it.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).