Transpo

From Extremely Corporate Wiki
Jump to navigation Jump to search

TRANSPO IS SUCCEEDED BY TRANSPO 2. IF YOU ARE READING THIS FOR SOME REASON, YOU SHOULD USE THAT INSTEAD.

Transpo is a simple file sharing web application. Our instance is running here NOT ANYMORE, SUCKAAAAA and the source code is available here.

How It Works

Uploading

  1. You choose your files, configure the settings and click upload
  2. The settings get sent as a form and the server accepts a websocket connection from the client. The server also sends back the id of the final URL.
  3. The server saves all the settings to a directory which will eventually contain the file.
  4. The upload is zipped (for multi-file uploads) via the fantastic Conflux library and encrypted using the wonderful JSChaCha20 which produces a stream.
  5. This stream is passed through the websocket connection and the server appends the bytes to a file.
  6. After the upload finishes, a URL for the download is presented. The URL stores the key to decrypt the file after the '#' symbol which means it never gets read by the server.

Downloading

  1. The client sends a form to the server. The id of the file is in the address and the form itself contains the password. If the passwords don't match, the client gets nothing back.
  2. Assuming the passwords match, the server sends the file back to the client over HTTP unless the file has expired in which case the server sends back the same page it would for a nonexistent file.
  3. The client decrypts the file as it downloads using JSChaCha20 and uses the IndexedDB API to store chunks of the file on disk to try to decrease memory usage. This doesn't work on Firefox yet, but that's supposedly a bug.

Other

To make sure expired files don't only get deleted when someone tries to download them, a background thread is started by the server which checks for expired files every hour and deletes them.

Why Did You Make This?

I was missing Firefox Send since it was shut down (apparently scammers started using it to distribute malware), but saw that Send was open source and decided to check it out. While impressive, it was also very complicated to set up (lots of dependencies and stuff), so I decided to try making my own (far simpler) version of it. My version is mostly simple out of necessity, since I'm not smart enough to make something better, but it seems to work well enough so I consider this project a success.

Why Is Your Code So Bad?

I'm really stupid.

Retrieved from "https://wiki.extremelycorporate.ca/index.php?title=Transpo&oldid=2522"