Spearhead/privateburn
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Marsell Kukuljevic 2026-01-16 11:07:41 +00:00
parent e28b8241ef
commit fff882a849
1 changed files with 6 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
README.md
View File

@ -15,10 +15,11 @@ Self-Destruction: The server deletes the encrypted file from the disk the moment
Node.js (v16.0.0 or higher recommended)
No package manager (npm/yarn) is required.
For TLS put nginx or haproxy in front.
## Installation & Running
Clone or copy the three files (server.js, index.html, auth.json) into a directory.
Clone or copy the two files (server.js and index.html) into a directory.
Start the server:
@ -37,25 +38,6 @@ DATA_DIR: Where encrypted blobs are stored (default: ./data).
MAX_SIZE_BYTES: Maximum secret size (default: 10MB).
# 📡 API Usage
You can create burn codes programmatically without using the web UI.
Create a Secret
Endpoint: POST /api/secret
Body: Raw binary data (the encrypted payload).
Example using curl:
```Bash
curl -X POST --data-binary "@encrypted_file.bin" http://localhost:3000/api/secret
Response:
JSON
{ "id": "550e8400-e29b-41d4-a716-446655440000" }
```
# 📋 Features
Zero Dependencies: Uses only native Node.js modules (http, fs, crypto, path).
@ -65,7 +47,7 @@ One-Click Copy: Generated links are automatically copied to the clipboard.
Mobile Friendly: Clean, responsive "Chat-style" UI.
Secure Erasure: Uses fs.unlink to ensure the file is removed from the filesystem after one read.
Immediate Erasure: Uses fs.unlink to ensure the encrypted file is removed from the filesystem after one read.
# ⚠️ Important Notes
Persistence: Since it uses the file system, secrets will survive a server restart until they are burned.
@ -74,7 +56,8 @@ HTTPS: To use the Web Crypto API (window.crypto), this app must be served over H
# Todo
- tested only on macos using safari (not sure if works on other platforms)
- example of how to use the api ( i think we need another script to alse generate the jwt as well )
- example of how to use the api, including script to generate the encrypted file
- add some method to delete secrets that have not been accessed within a certain time frame.
- add some method to expiry secrets (e.g. when creating, maybe define how long they should be valid for)
- add progress indicator to UI
- add rate limited to make abuse harder?