JSONbin.io – Simple JSON Storage (Beta) (opens in new tab)

Pastebin has user friendly content though. People sit on the pages for a long time reading content and they can deliver ads related to the text blobs.

kbr9y ago· 2 in thread

Really sleek and clean, love the design. A simple but useful product, nice job :)

The link to your Twitter on the about page is broken by the way, it should have a protocol.

mr_ali3nOP9y ago

Thanks a lot :) P.S Twitter link is now fixed.

sillysaurus39y ago

Minor bug: The Access URL it generates is invalid. E.g. copying "//jsonbin.io/b/591a7e1cc94cae11ebb443dc" into Chrome's URL bar results in attempting to navigate to "file://jsonbin.io/b/591a7e1cc94cae11ebb443dc", not jsonbin.io/b/591a851ac94cae11ebb4440e.

1 more reply

joshmn9y ago· 2 in thread

Cool. I really like the UI. Response times are slow-er than I would have originally thunk, but I'm sure that's a side effect of the HN hug.

Are you saving these "bins" as files, and then serving them? Or are you putting them into a database? Mostly curious. :)

mr_ali3nOP9y ago

Thank you :) yea, kinda overwhelmed right now with the traffic, should sort out once the dust settles down. As far as your question goes, I don't store them as files, they are in DB. The file is fine for a temporary run, not great when it comes to scaling.

arikfr9y ago

Why not host them on S3? You can probably serve them directly from there too.

1 more reply

Jeaye9y ago· 2 in thread

For a similar service which is entirely encrypted, consider: https://safepaste.org/

sillysaurus39y ago

Your content is being sent to the server encrypted, but it gives you a URL which decrypts it on demand. TLS already does this, right?

Relying on this is a very bad idea. The server could be logging everything and you'd never know. Heck, the server could be imaged at wherever it's hosted and you'd never know. The "burn after reading" feature is impossible to verify. It's just another "Take our word it's doing this" service.

If the website can spit out out a URL that you're then able to view your unencrypted data in, that website is no more secure than pastebin.com. And at least pastebin.com is explicit that everything is logged.

Jeaye9y ago

> Your content is being sent to the server encrypted, but it gives you a URL which decrypts it on demand. TLS already does this, right?

No, since TLS doesn't have anything to do with the original content being encrypted, such that the server can't read it. safepaste should combine TLS with this client-side encryption/decryption (as the hosted version does).

> Relying on this is a very bad idea...

Considering it's FLOSS, I don't think any of those points are valid. I agree that, for it to be more trusted, it should be self-hosted. So, self-host it! Verify it's not logging! Verify the "burn after reading" does the deletion! If you care at all about security, and hosting a secure service, that's going to be essential anyway.

Boiling down the FLOSS project to its provided hosted version is quite missing the point.

> If the website can spit out out a URL that you're then able to view your unencrypted data in, that website is no more secure than pastebin.com.

Given that the encryption/decryption happens entirely on the client side, this simply does not apply. The server knows the paste id, not the secret key. That's kind of the whole point. :)

- Edited for clarification

1 more reply

nictrix9y ago· 2 in thread

Hi, very cool, simple service! I believe the example on the front page, should be Linkin Park without the "g".

mr_ali3nOP9y ago

Hey, thanks a lot :D

P.S Fixed the typo x)

nictrix9y ago

Nice!, Also when I click on Twitter link on the about page it sends me to a bad URL. Looks like you just need to add http in front of the link.

When I copy and paste the access URL I see it starts with // - so the link doesn't go anywhere, is that the intended action?

1 more reply

DorothySim9y ago· 1 in thread

I suggest returning 404 Not Found instead of 422 Unprocessable Entity on failed GETs: https://jsonbin.io/b/2342342 as well as Content-Type: application/json instead of current text/html.

"Entity" in "Unprocessable Entity" refers to request body and for GETs there is no request body: http://www.restpatterns.org/HTTP_Status_Codes/422_-_Unproces...

mr_ali3nOP9y ago

Hey, thanks, yes, I'll be releasing these fixes by tonight.

dkarapetyan9y ago· 1 in thread

Wait. So this just stores arbitrary byte blobs right. What exactly is the JSON bit about? Can I use jq syntax to query and transform whatever JSON is stored?

mr_ali3nOP9y ago

You can transform whatever you want once you request for the stored JSON

jwmoraes9y ago· 1 in thread

Loved the minimal UI.

mr_ali3nOP9y ago

Thanks a lot :)

cpfohl9y ago· 1 in thread

Nice. This is basically my usual "How does this language/framework work?" test project.

I've still never built a twitter clone...

mr_ali3nOP9y ago

Exactly. Wanted to learn a couple of new technologies. Nothing's better to develop a small app and learn as you move ahead with it.

SallySwanSmith9y ago· 1 in thread

Why is this better then just storing json files on s3?

mzzter9y ago

This has a simpler copy-paste usage. And plus, JSONbin.io is a free service.

jinjiang9y ago· 1 in thread

Really great! p.s. Any plan to support JSONP?

mr_ali3nOP9y ago

Thank you. CORS is enabled so I don't think we need JSONP, or do we? :)

arfar9y ago· 1 in thread

Any method of deleting bins?

mr_ali3nOP9y ago

Will add once I introduce private bins feature.

tuananh9y ago· 1 in thread

would be nice if the user can set the url

sth like this

jsonbin.io/username/books/get/1

mr_ali3nOP9y ago

Hey, thanks for the suggestion. I have that on my roadmap once I implement authentication. Later, one can create private bins, version control for the same, query only specific data out of your entire JSON and so on. Feel free to throw in if you have any more suggestions. :)

j / k navigate · click thread line to collapse

49 comments

33 comments · 13 top-level

elnik9y ago· 4 in thread

I made the exact same thing couple of years back, but shut it down because I couldn't think of sustainably maintaining such a "free" service.

I have a lot of ideas like this, but I am super confused on the sustainability part. What ways are there to sustainably maintain such services?

elnik9y ago

On another note,

Why the 'snippet' additional step when creating new fiddles?

Being able to do:

curl -X POST -d @test.json https://jsonbin.io/b/new

will be cool!

Kiro9y ago

I thought that's how it works?

https://jsonbin.io/api-reference

1 more reply

zuck99y ago

Ads? Simplest way to sustain. Pastebin does it.

itake9y ago

Pastebin has user friendly content though. People sit on the pages for a long time reading content and they can deliver ads related to the text blobs.

kbr9y ago· 2 in thread

Really sleek and clean, love the design. A simple but useful product, nice job :)

The link to your Twitter on the about page is broken by the way, it should have a protocol.

mr_ali3nOP9y ago

Thanks a lot :) P.S Twitter link is now fixed.

sillysaurus39y ago

1 more reply

joshmn9y ago· 2 in thread

Cool. I really like the UI. Response times are slow-er than I would have originally thunk, but I'm sure that's a side effect of the HN hug.

Are you saving these "bins" as files, and then serving them? Or are you putting them into a database? Mostly curious. :)

mr_ali3nOP9y ago

arikfr9y ago

Why not host them on S3? You can probably serve them directly from there too.

1 more reply

Jeaye9y ago· 2 in thread

For a similar service which is entirely encrypted, consider: https://safepaste.org/

sillysaurus39y ago

Your content is being sent to the server encrypted, but it gives you a URL which decrypts it on demand. TLS already does this, right?

Jeaye9y ago

> Your content is being sent to the server encrypted, but it gives you a URL which decrypts it on demand. TLS already does this, right?

> Relying on this is a very bad idea...

Boiling down the FLOSS project to its provided hosted version is quite missing the point.

> If the website can spit out out a URL that you're then able to view your unencrypted data in, that website is no more secure than pastebin.com.

Given that the encryption/decryption happens entirely on the client side, this simply does not apply. The server knows the paste id, not the secret key. That's kind of the whole point. :)

- Edited for clarification

1 more reply

nictrix9y ago· 2 in thread

Hi, very cool, simple service! I believe the example on the front page, should be Linkin Park without the "g".

mr_ali3nOP9y ago

Hey, thanks a lot :D

P.S Fixed the typo x)

nictrix9y ago

Nice!, Also when I click on Twitter link on the about page it sends me to a bad URL. Looks like you just need to add http in front of the link.

When I copy and paste the access URL I see it starts with // - so the link doesn't go anywhere, is that the intended action?

1 more reply

DorothySim9y ago· 1 in thread

I suggest returning 404 Not Found instead of 422 Unprocessable Entity on failed GETs: https://jsonbin.io/b/2342342 as well as Content-Type: application/json instead of current text/html.

"Entity" in "Unprocessable Entity" refers to request body and for GETs there is no request body: http://www.restpatterns.org/HTTP_Status_Codes/422_-_Unproces...

mr_ali3nOP9y ago

Hey, thanks, yes, I'll be releasing these fixes by tonight.

dkarapetyan9y ago· 1 in thread

Wait. So this just stores arbitrary byte blobs right. What exactly is the JSON bit about? Can I use jq syntax to query and transform whatever JSON is stored?

mr_ali3nOP9y ago

You can transform whatever you want once you request for the stored JSON

jwmoraes9y ago· 1 in thread

Loved the minimal UI.

mr_ali3nOP9y ago

Thanks a lot :)

cpfohl9y ago· 1 in thread

Nice. This is basically my usual "How does this language/framework work?" test project.

I've still never built a twitter clone...

mr_ali3nOP9y ago

Exactly. Wanted to learn a couple of new technologies. Nothing's better to develop a small app and learn as you move ahead with it.

SallySwanSmith9y ago· 1 in thread