Show HN: HoldTheFile: A File Sharing Solution with Zero Login Required
holdthefile.xyzI've built *HoldTheFile* - a Flask-based secure file sharing application that prioritizes security and simplicity while solving the common problem of safe file distribution.
## The Problem Most file sharing solutions either require complex authentication, alpha-numeric combinations or sacrifice security for convenience. I needed something that could handle flexible situations, provide real-time upload progress, and ensure files are always downloaded (never previewed in browser) while maintaining security.
## The Solution HoldTheFile combines phrase+PIN authentication for security features:
### Key Features: - *Zero Login Required*: Access via phrase + PIN only. You might think it's a security bottleneck but you can use any word combinations or sentences even paragraphs as phrase - *Unlimited File Uploads*: No size restrictions - *Real-time Progress Bar*: Live upload speed and percentage tracking - *Forced Download*: All files download directly - no browser preview (critical for security) - *Shareable Links*: Secure download links without authentication and without leaking your secure folder - *Drag & Drop File Management*: Move files between folders intuitively - *Double-Hash Security*: MD5 workspace + SHA256 file verification
### Security First: - *XSS, RFI, Path Traversal Protection*: Comprehensive input sanitization - *SQL Injection Prevention*: Full ORM implementation - *Security Headers*: CSP, X-Frame-Options, X-Content-Type-Options - *File Isolation*: MD5-based workspace separation - *No Preview Execution*: HTML/JS files never run in browser
### Tech Stack: - *Backend*: Flask + PostgreSQL - *Security*: Werkzeug, custom sanitization utils - *Frontend*: Vanilla JavaScript with real-time upload tracking
## Cost & Infrastructure Currently running alongside my other projects on a VDS panel. Storage costs are manageable at this scale - the application is lightweight and PostgreSQL handles file metadata efficiently while actual files are stored directly on the filesystem. The unlimited upload feature hasn't caused storage issues yet, but I'm monitoring usage patterns.
## Real-World Use Cases HoldTheFile solves everyday file sharing challenges:
- *Cross-Device Transfer*: Send files from phone to computer without cables or cloud accounts. Don't have to log in to your accounts on foreign computers. - *Team Collaboration*: Share project files without setting up user accounts - *Classroom Materials*: Teachers distribute course materials instantly - *Event Photo Sharing*: Wedding guests upload/download photos using a shared phrase - *Tech Support*: Share logs and screenshots with support teams instantly - *Family File Vault*: Share important documents with family members securely
Would love to hear feedbacks.
No comments yet.