this post was submitted on 19 Nov 2024
56 points (95.2% liked)

Open Source

31341 readers
207 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

Extractify.zip is open source progressive web app (PWA) website to view and extract zip files online without downloading them (client side). It is a free and open source project.

Website: https://extractify.zip/

top 12 comments
sorted by: hot top controversial new old

"7z-wasm": "^1.0.2",

Ah, knew we were looking at a wrapper of my faithful companion here

[–] aebletrae@hexbear.net 8 points 2 days ago (1 children)

I'm confused. How are you defining "download" and "online" here?

The website suggests that the server holds the files and does the extraction:

Extract and Explore compressed files online [emphasis mine]

which fits with the github claim of:

to view and extract zip files online without downloading them

but the website also states that:

nothing leave your browser

which suggests that the server has nothing to do with it, and you do actually download the zip files first.

What am I missing?

[–] Markaos@lemmy.one 5 points 2 days ago (1 children)

I have no clue what's meant by "without download", but this app just uses web assembly to inspect the archive in the browser. The sandbox they talk about most likely refers to the browser sandboxing.

So it pretty much boils down to "risking running malicious code is fine, because this app as a whole is treated as malicious by the browser".

[–] aebletrae@hexbear.net 2 points 2 days ago

Yeah, that's what I was suspecting.

I ended up leaning towards "download" being used in the boomer way of meaning any data transfer, whatever the direction, which in this case would more specifically be called an "upload". And that "online" was being used to mean "using a website", even though the local processing is offline.

The alternative fit to the description I had considered was a website you could give an URL, so it retrieves the zip file and allows you to inspect it remotely, and maybe just download some of the contained files, so it deals with the risk and bandwidth issues for you. That would be a different kind of useful, though it'd only be a few days before someone uses it for malign purposes and gets the site operator a no-knock visit from the fuzz, so that seemed much less likely.

I can see a use for an app that can be used where they can't be installed, though.

[–] pastermil@sh.itjust.works 4 points 2 days ago

Don't we already have this all of our file browsers and archive browsers?

[–] undefined@lemmy.hogru.ch 3 points 2 days ago (3 children)

Don’t get me wrong, this is cool, but is there some reason not to extract a .zip file locally?

I’ve been using Linux, UNIX for a long time so I don’t know if it’s a Windows thing or what.

[–] ShortN0te@lemmy.ml 4 points 2 days ago

A compacted archive could be used as an attack vector.

  • Zip Bombs
  • Code execution through a vulnerability in the extracting algorithm

Both of them are valid for any OS.

[–] fmstrat@lemmy.nowsci.com 3 points 2 days ago

I had thought for virus scanning, but it doesnt seem to do that yet.

[–] sag@lemm.ee 1 points 2 days ago (1 children)

My android file explorer don't support .RAR or 7z archive. It's only FOSS File Explorer

[–] undefined@lemmy.hogru.ch 1 points 2 days ago

Oh yeah, that makes sense.

[–] kekmacska@lemmy.zip 4 points 2 days ago

extractify when i want to extract a 16 gb source code:

[–] fmstrat@lemmy.nowsci.com 1 points 2 days ago

Integrate with ClamAV or VirusTotal and this would be a masterpiece.