upload: Disable the tus-js-client fingerprinting feature.

This feature isn't likely to be useful for our use case and generates some risk; see the comment for details.
2024-10-08 15:04:10 -07:00 · 2024-10-08 15:04:10 -07:00 · a1d616f8c0
parent 6c069f4365
commit a1d616f8c0
1 changed files with 16 additions and 0 deletions
--- a/web/src/upload.ts
+++ b/web/src/upload.ts
@ -268,6 +268,22 @@ export function setup_upload(config: Config): Uppy {
    uppy.use(Tus, {
        // https://uppy.io/docs/tus/#options
        endpoint: "/api/v1/tus/",
+        // The tus-js-client fingerprinting feature stores metadata on
+        // previously uploaded files in browser local storage, to
+        // allow resuming the upload / avoiding a repeat upload in
+        // future browser sessions.
+        //
+        // This is not a feature we need across browser sessions. Since these local storage
+        // entries are never garbage-collected, can be accessed via
+        // the browser console even after logging out, and contain
+        // some metadata about previously uploaded files, which seems
+        // like a security risk for using Zulip on a public computer. So we
+        // disable the feature.
+        //
+        // TODO: The better fix would be to define a `urlStorage` that is
+        // backed by a simple JavaScript map, so that the resume/repeat
+        // features are available, but with a duration of the current session.
+        storeFingerprintForResuming: false,
        // Number of concurrent uploads
        limit: 5,
    });