Explore Send, the 2.5GB secure file-sharing tool built from Firefox Send. Learn how Send offers privacy-focused file sharing with expiration settings, download limits, and self-hosting options.
Oh, ok, now I get it. So it could be checked by a third party if that code is really created by the browser and if it’s not sent to the server, correct?
@chebra@mstdn.io but the owner of the server could change it, could it be checked directly on the webpage of the service?
Not that I will do it (I can’t, I can’t read that code), I’m just curious.
@peregus yes, well the javascript on the site is minified, but I found this place even in the minified code. At this level it would be easier to take the source code and compile your own, host your own instance, then you know exactly what code is running there. And their minified code could be directly compared with your minified code… the beauty of open-source software.
But it’s the server that creates the URL in the first place, so it must knows it, right? …or wrong?
@peregus No that would be created by javascript in the sender’s browser.
Oh, ok, now I get it. So it could be checked by a third party if that code is really created by the browser and if it’s not sent to the server, correct?
@peregus yes, that would be here: https://github.com/timvisee/send/blob/master/app/fileSender.js#L81
@chebra@mstdn.io but the owner of the server could change it, could it be checked directly on the webpage of the service? Not that I will do it (I can’t, I can’t read that code), I’m just curious.
@peregus yes, well the javascript on the site is minified, but I found this place even in the minified code. At this level it would be easier to take the source code and compile your own, host your own instance, then you know exactly what code is running there. And their minified code could be directly compared with your minified code… the beauty of open-source software.
@chebra@mstdn.io Thanks a lot for your time explaining that to me!
@peregus You’re welcome, stay curious!