andre-d
commented
8 years ago Indeed, this is a planned feature to allow a separate upload mode which injects the image into a canvas then reads a jpeg out of the canvas thereby stripping any tags.
Open ipatjolvur opened 8 years ago
andre-d
commented
8 years ago Indeed, this is a planned feature to allow a separate upload mode which injects the image into a canvas then reads a jpeg out of the canvas thereby stripping any tags.
andre-d
commented
8 years ago This will not be the default
andre-d
commented
8 years ago It is also very very very important to note that lutim encrypts ON THE SERVER which means you are trusting them to remove the key, to not be compromised, etc which is far different from the approach up1 takes.
ipatjolvur
commented
8 years ago lutim encrypts ON THE SERVER which means you are trusting them to remove the key, to not be compromised, etc
Yes, I prefer the method used by Up1 and ZeroBin, but ZeroBin is for text, not any file as Up1 is. https://github.com/sebsauvage/ZeroBin http://sebsauvage.net/paste/ http://sebsauvage.net/wiki/doku.php?id=php:zerobin
andre-d
commented
8 years ago To clairfy why it will not be the default, up1 takes the approach of being a client side encrypted private sharing tool for files which features things like image preview. It is the expected default that it keep images and files the same regardless of what you are uploading checksum exact (You download the exact file you uploaded).
It is also important to mention that other image uploading tools like the one you mentioned are able to do so quickly as they convert on the server however unlike other tools the up1 server software has no access to the content of the file uploaded.
In summary, stripping EXIF data is important for images shared with strangers but will not be the default due to the fact that up1 is intended as a private file sharing tool rather than a public image host. This is also combined with the speed issues, unexpected outcomes, and difficulties with the methods required to do so directly in the browser..
ipatjolvur
commented
8 years ago That clears a lot up. Thank you.
ipatjolvur
commented
8 years ago then reads a jpeg out of the canvas thereby stripping any tags.
Reading a png would better maintain quality of the original. Or would doing so be too risky of a bottleneck?
andre-d
commented
8 years ago It would cause issues with large images coming from jpeg, it is totally possible to make it an option or autodetect, we will have to look at the UI and the usability of it though. The idea is to combine it with an option to resize images to a smaller size to allow fast mobile upload with those very high megapixel phone cameras but terrible mobile internet.
Enhancement request: Offer a checkbox on the upload page to keep or remove EXIF tags.
Many hosts purge EXIF without an option. That is the most secure choice and should be the default, but some users may wish to leave EXIF intact.
For an open source example, see lutim: https://github.com/ldidry/lutim https://lut.im