Not sure if this is a glitch or by design, but assets that are added to a project are still available through their url even if they are deleted, or if the entire project is deleted.
That is an advantage for you. Probably takes time to completely delete them or they are saved in server.
I never said it is a issue just implementing, it is a advantage for us
I never said it was an issue, just wanted to point it out
I just noticed this too. For me it is an issue. I have sensitive assets that need to be deleted, but theyâre currently permanently exposed to the web! This definitely needs to be addressed
You definitely donât put sensitive information in your assets⊠However, it may be because it is cached on your local machine, and not on the server.
This is old and I havenât used glitch for a while, but assets are served from a CDN, the whole point of which is caching. If I recall correctly, they are removed after a while.
Also regarding sensitive assets, this article says that theyâre not meant to be private, so shouldnât be used for that: âFiles saves in project assets will still be publicâ.
If I recall correctly, they are removed after a while.
Are you sure about that? When you click âdeleteâ on an asset there are no requests sent to the server (open the network panel in dev tools to see). Itâs possible that thereâs a cronjob regularly crawling all the .glitch-assets
files in all projects to see which assets are still referenced by projects, but that seems like a weird way to implement asset deletion.
I agree itâs not meant for sensitive things, but there are times when youâve uploaded something that you wanted to be public and then later it turns out you donât want that to be available anymore. Proper deletion is obviously a feature that should be available, otherwise itâs âoh well, you made a mistake and now itâs on the internet forever ÂŻ\_(ă)_/ÂŻâ which is obviously not great.
@cori would you be able to chime in here?
Plus Cori isnât active on the forums.
Ah, thanks! I didnât know about glitch_support.
They are not removed. I downloaded one of old projects and checked .glitch-assets
file,
{
"name":"sensitiveImage.jpg",
"uuid":"AAAABBBBCCCCDDD",
"date":"2017-10-16T18:03:35.373Z",
"url":"https://cdn.glitch.com/yourprojectabracadabra/sensitiveImage.jpg",
"type":"image/jpeg",
"size":1670429,
"imageWidth":1920,
"imageHeight":2560,
"thumbnail":"https://cdn.glitch.com/yourprojectanotherabracadabra/sensitiveImage.jpg",
"thumbnailWidth":248,
"thumbnailHeight":330,
"dominantColor":"rgb(124,92,83)"
}
That is the file that was deleted 3 years ago, it just have another item to map it with deleted boolean.
{"uuid":"AAAABBBBCCCCDDD","deleted":true}
So the point is the file deleted in 2016 and 2017 are still there (found many of them) with full urls that I was able to download in full resolution.
Its kinda issue. As you said, if you drag something by mistake or thinking that you can quickly remove it later - its there forever, and most cases user will not even know that its public and available forever
@glitch_support @tasha Please?
If you want an asset really deleted, the Glitch team would manually have to delete it from their S3 buck. Like @khalby786, you need to contact support@glitch.com.