Burn After Reading and JS disabled #89
Comments
|
The way it works currently, the server accesses the data from the identifier, regardless of whether or not the crypto key is correct. This is because the crypto data is stored in the file along with whether or not the file is burn-on-read. As a part of fetching that data, it reads whether or not the file is burn-on-read, then if it is, wipes the file. That's the design of ZeroBin. A way to get around this would be to create a basic HTML page with an instant meta redirect to the content, then share that to the person who you intend to share the information with. Not very quick or easy, but it works. |
|
I don't care if it gets deleted if you use the wrong key, that's fine. But if you delete it when JS is off... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently if you have JS disabled and open a BAR paste, it gets deleted, even tho you didn't read it. My proposal is to move paste data loading to a script, and change how you access paste data to use, say,
myzerobin/pastedata_<id>instead of embedding it into the page.This would also solve IRC bots deleting BAR pastes when fetching page info.
The text was updated successfully, but these errors were encountered: