Feature: Check hash before web upload #166

New Issue

Closed

opened 2026-01-19 18:29:15 +00:00 by michael · 3 comments

michael commented 2026-01-19 18:29:15 +00:00

Owner

Copy Link

Originally created by @wc7086 on GitHub.

Verify the hash when uploading on the web, and save the hash field in the metadata. And display the hash field in the web interface. When using curl to upload, provide an upload option similar to -H "sha1: <value>".

Originally created by @wc7086 on GitHub. Verify the hash when uploading on the web, and save the hash field in the metadata. And display the hash field in the web interface. When using curl to upload, provide an upload option similar to `-H "sha1: <value>"`.

michael closed this issue 2026-01-19 18:29:15 +00:00

michael commented 2026-01-19 18:29:16 +00:00

Author

Owner

Copy Link

@wc7086 commented on GitHub:

what would the goal of implementing this?

Gives the user a way to verify that the downloaded file is complete and correct. I don't know if providing hash on the download page is redundant, maybe we should wait until more people care about this option before deciding?

@wc7086 commented on GitHub: > what would the goal of implementing this? Gives the user a way to verify that the downloaded file is complete and correct. I don't know if providing hash on the download page is redundant, maybe we should wait until more people care about this option before deciding?

michael commented 2026-01-19 18:29:16 +00:00

Author

Owner

Copy Link

@paolafrancesca commented on GitHub:

The problem is that you have to trust the server: a malicious server could just receive and return the provided hash even after tampering the upload, and you should donwload the file a check his hash locally in order to be sure this didn't happen.

@paolafrancesca commented on GitHub: The problem is that you have to trust the server: a malicious server could just receive and return the provided hash even after tampering the upload, and you should donwload the file a check his hash locally in order to be sure this didn't happen.

michael commented 2026-01-19 18:29:16 +00:00

Author

Owner

Copy Link

@paolafrancesca commented on GitHub:

@wc7086 what would the goal of implementing this?

@paolafrancesca commented on GitHub: @wc7086 what would the goal of implementing this?

michael referenced this issue 2026-01-19 18:29:50 +00:00

File preview not showing when self-hosted with docker #306

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dependabot/go_modules/golang.org/x/crypto-0.45.0

dependabot/go_modules/golang.org/x/net-0.38.0

revert-646-main

dependabot/go_modules/golang.org/x/oauth2-0.27.0

check-ci-20241026

aspacca-patch-1

seed-rand

fix-basic-auth

fix-header-map-change-after-writeheader-call

issue-503

issue-487

gpg-encryption-support

lint-accept-range

bump-min-go-version-and-include-tip

accept-range

local-google-fonts

parallel-range-requests

issue-485

sb/storj-bump

fix-perform-clamav-prescan

revert-389-clamav-prescan

clamav-prescan

changes-in-front-end

ISSUE-440

revert-422-main

master

golint

ISSUE-398

multiple-fixes

ISSUE-382-take2

ISSUE-382

fix-workflows

fixes-20210521

ISSUE-371

ISSUE-38-WEB

ISSUE-313

ISSUE-296

fuzz

BINARY-RELEASES

ISSUE-256

v1.6.1

v1.6.0

v1.5.0

v1.4.0

v1.3.1

v1.3.0

v1.2.6

v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.7

v1.1.6

v1.1.5

v1.1.4

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.0

Labels

Clear labels

bug

docker

enhancement

hacktoberfest

help wanted

invalid

question

storage provider

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

michael

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: dutchcoders/transfer.sh#166