The latest articles on DEV Community by Kin Pan Ho (@kin_panho_319240e9b3688c). https://dev.to/kin_panho_319240e9b3688c https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3950932%2F6e3c3d1c-139b-4154-b15d-aa0528b52b41.jpg https://dev.to/kin_panho_319240e9b3688c en Kin Pan Ho Mon, 25 May 2026 15:00:09 +0000 https://dev.to/kin_panho_319240e9b3688c/built-tmpdrop-a-tiny-self-hosted-ephemeral-file-drop-370f https://dev.to/kin_panho_319240e9b3688c/built-tmpdrop-a-tiny-self-hosted-ephemeral-file-drop-370f <p>Drag-drop upload, unguessable URLs (72 bits entropy), auto-deletes after 1h/24h, strict MIME allowlist + CSP sandbox.</p> <p>One docker compose up. MIT.</p> <p>🔗 <a href="https://github.com/rogerhokp/tmpdrop" rel="noopener noreferrer">https://github.com/rogerhokp/tmpdrop</a><br> 🌐 <a href="https://tmpdrop.solardev.online" rel="noopener noreferrer">https://tmpdrop.solardev.online</a></p> <p>Why another one: public file hosts retain your data on infra you don't control + predictable URLs get scraped. tmpdrop is "0x0.st but on your own box" with a security posture I'm actually comfortable with.</p> <p>Built with Claude Code pair-programming; threat model + security choices mine.</p> opensource node ai