andre-d
commented
9 years ago There are a number of disadvantages to this and advantages. I will discuss it verbally with you some time to decide what works best. On Jun 12, 2015 12:24 AM, "Keith Morrow" notifications@github.com wrote:
Currently everything in the Javascript (such as the static_key, for example) is hard-coded, and will likely trip up anyone new to the project. Instead, the server should expose a new /config endpoint that returns a JSON object, consumable by the browser Javascript.
To start, it should contain the static key. Additionally, there should be an option to disable uploading from the browser side (i.e. by not sending a static key at all, configurable from the server). This means it can only be uploaded to by external clients, e.g. ShareX or upclient, if they know the static key.
— Reply to this email directly or view it on GitHub https://github.com/Upload/Up1/issues/3.
Currently everything in the Javascript (such as the static_key, for example) is hard-coded, and will likely trip up anyone new to the project. Instead, the server should expose a new
/configendpoint that returns a JSON object, consumable by the browser Javascript.To start, it should contain the static key. Additionally, there should be an option to disable uploading from the browser side (i.e. by not sending a static key at all, configurable from the server). This means it can only be uploaded to by external clients, e.g. ShareX or upclient, if they know the static key.