search

diced / zipline

A ShareX/file upload server that is easy to use, packed with features, and with an easy setup!
https://zipline.diced.sh/
MIT License
1.31k stars 128 forks source link

Bug: link system has flaws #565

Closed crosscutsaw closed 2 months ago

crosscutsaw commented 2 months ago

What happened?

hello,

the problem would be more important if "keep original name" option works.

when you upload a file, it automatically generates a download url. it's a flaw because this link cannot be disabled and it's open to the world. putting it to the private folder won't change anything. the bad part is, it's unauthenticated. it should be work with a valid login.

i.e https://fs.zurrak.com/u/y4U2eM.txt https://fs.zurrak.com/r/y4U2eM.txt?download=true

i couldn't find disabling url system in docs. if it's present, please tell me.

Version

latest (ghcr.io/diced/zipline or ghcr.io/diced/zipline:latest)

What browser(s) are you seeing the problem on?

No response

Zipline Logs

No response

Browser Logs

No response

Additional Info

No response

diced commented 2 months ago

it's not a flaw it's meant to be like that..? there are plans to make it fully private in the future though