undefined | Better HN

story

0 pointsAdmiralAsshat7y ago0 comments

No one I've tried it with has ever had it fail on them.

But to answer your question, I uploaded a 100mb+ file to FireFox Send, copied the link, RDPd into another computer, kicked off the download, and then cancelled it midway through download. The link did expire after that.

So I guess they don't have an easy way of telling whether the download is successful or not. Maybe Mozilla's engineers can figure something out if the issue is raised.

0 comments

NKCSS7y ago

If they did, you could abuse it by just trasfering every byte except the last, add that in a custom link to complete the file transfer and have unlimited distribution ;) I think it's best the way they did it.

1 more reply

toomuchtodo7y ago

I appreciate you took the time to run a test to answer my question. Thank you.

Firefox might consider keying off the initial IP seen upon retrieval and extending the TTL of the object until the final byte has been retrieved.

kbenson7y ago

I can see benefits to keying off the IP, but also to keying off some cookie that can expire shortly. One of the reasons I imagine a download might fail could be because of a spotty of problematic VPN or proxy, or attempting to get it from a location that can't handle it well if somewhat large (some random coffee shop wifi that's overused).

There's probably enough complexity and possibility for abuse in allowing automated requests for files again (i.e. a button on the view page) or special logic for second attempts that the safest option is just to have the receiving party ask for the file again through whatever medium originally kicked off the request (an email, an IM, etc).

Firefox could do any number of things to make it easier on the user, but I expect them to take my security and privacy very seriously and to error on the side of those ideas rather than usability, so hopefully if they come out with something it's not at odds with those goals.

eridius7y ago

Did you test to see if the download could be resumed?

In an ideal world, partially-downloading the file would expire the link, but the server would still allow the file download to be resumed (but not restarted).

j / k navigate · click thread line to collapse