undefined | Better HN

0 pointsm348e9122y ago0 comments

Right, but your server logs should see the full request (and the keys), no?

0 comments

I just see these in my server logs when someone generates a link:

INFO: [cloudflare ip]:47174 - "POST /generate_link HTTP/1.1" 200 OK

So you don't also see "GET /e47b07057738525b2f77fab1ef3197cac1b27e7672ea1a49bc5ae4f87eb19e8c/73a3257c89dbef144434269df702364eb0422554c508b6433266b4e65d07b344#p3d3pLH7ND2cr6EJztGmQosfPZdItxE_FQ5zCsGZ5bM=/ HTTP/1.1" 200 OK?

(That would be a test message I created a link for)

ackatz2y ago

No, anything including and after the # is not seen by the server. Here is a screenshot from Fly that shows what it looks like from my end: https://imgur.com/a/41XxtHJ

If someone were to go to just the /sha256/sha256 link without the encryption key bookmark appended to it, they would see: Decryption failed: ChaCha20Poly1305 key must be 32 bytes.

Or with a wrong key they would see: Decryption failed:

1 more reply

j / k navigate · click thread line to collapse

0 comments

ackatz2y ago

I just see these in my server logs when someone generates a link:

INFO: [cloudflare ip]:47174 - "POST /generate_link HTTP/1.1" 200 OK

m348e912OP2y ago

(That would be a test message I created a link for)

ackatz2y ago

No, anything including and after the # is not seen by the server. Here is a screenshot from Fly that shows what it looks like from my end: https://imgur.com/a/41XxtHJ

If someone were to go to just the /sha256/sha256 link without the encryption key bookmark appended to it, they would see: Decryption failed: ChaCha20Poly1305 key must be 32 bytes.

Or with a wrong key they would see: Decryption failed:

1 more reply

j / k navigate · click thread line to collapse