Direct uploads
Rails signs a short-lived upload request. Ordinary file bytes move from your browser directly to S3-compatible storage; the application server does not proxy them.
Wirecopy treats every upload as untrusted and every public URL as a bearer credential.
Rails signs a short-lived upload request. Ordinary file bytes move from your browser directly to S3-compatible storage; the application server does not proxy them.
The initial production preview verifies the stored byte count before creating a link. Malware scanning is not yet enabled.
Public paths use cryptographically random tokens. Anyone holding a link can open it, so revocation and expiry remain one click away.
Wirecopy records aggregate access count and the last access time. It does not build visitor profiles or expose recipient identity.
PostgreSQL and MinIO run on loopback. The deterministic fake scanner makes tests reliable; the optional full profile connects the same state machine to ClamAV.