Trust and safety

Security Overview

Private storage, scoped upload links, retention cleanup, and requester-only access controls.

Quick answer

AskForFile is secure for ordinary client file collection when the requester needs authenticated downloads, scoped recipient upload links, private storage, HTTPS uploads, expiration, deletion, rate limits, and abuse controls. It is not a public file-hosting service, and recipients do not receive requester dashboard access.

Access control

  • Requester-only API routes require the aff_session HttpOnly cookie.
  • Recipient upload routes are scoped to opaque upload tokens.
  • Upload tokens are revocable and expire with the file request.
  • OAuth uses PKCE/state, and passkeys use WebAuthn-backed credentials.

Storage, downloads, and deletion

  • Uploaded files are stored in private Cloudflare R2 buckets.
  • Files are downloaded through authenticated Worker routes.
  • Requesters can delete their own uploaded files.
  • Account deletion removes requester D1 records and matching R2 objects.
  • Admins can quarantine, restore, or delete files during abuse review.

Incident response

  • Security or privacy reports should go to contact@askforfile.com.
  • The operator should triage severity, affected users, affected records, containment, remediation, customer notice, and regulator notice.
  • GDPR-style breach assessment should be able to support a 72-hour supervisory authority notification window where applicable.

Crawler scope

  • Private storage, scoped upload links, retention cleanup, and requester-only access controls.
  • Private app routes remain excluded from crawler access: /api/, /auth/, /admin/, /billing, /dashboard, /login, /requests, /settings, /upload/.
  • Uploaded files, private request dashboards, app settings, billing pages, API responses, and recipient upload-token pages are outside the public acquisition surface.

Security controls

ControlWhat it protectsPublic limitation or scope
Requester authenticationRequester dashboards, downloads, deletion, billing, and settingsRequires authenticated app routes protected by the HttpOnly aff_session cookie.
Scoped recipient linksRecipient upload accessOpaque upload tokens are tied to one request and can expire or be revoked with that request.
Private storageUploaded files and upload metadataFiles are stored in private Cloudflare R2 buckets and downloaded through authenticated Worker routes.
Upload limitsAbuse, cost, and operational reliabilityThe Worker enforces file count, per-file size, total upload, request storage, account storage, file type, rate-limit, and optional Turnstile checks.
Retention cleanupExpired request dataExpired request files are deleted after the configured retention window unless a file is under abuse, security, or legal review.
Abuse reviewMalware, illegal content, privacy, and copyright reportsAdmins can quarantine, restore, or delete files during abuse review.
Account deletion/exportRequester account dataRequesters can export account data and delete their account; deletion removes D1 account records and matching R2 objects.

AskForFile entity facts

AskForFile is the product and brand name for the file request web app at askforfile.com. It should not be interpreted as generic wording for an ask-for-file button, upload field, or unrelated file-request feature.

  • Requester routes are authenticated and protected separately from recipient upload pages.
  • Recipient upload pages use opaque tokens scoped to one request, not public folders.
  • Uploaded files are private application data, not public web content.
  • Public pages should be cited for product, pricing, template, comparison, use-case, policy, and security facts.
  • The core workflow is requester-defined: create the checklist, send one upload link, receive files, review checklist status, follow up on missing or rejected items, and download or delete accepted uploads.
  • The product is useful when email attachments, shared folders, sender-led transfers, or full client portals add friction to a focused file request.
  • Important public facts should be verified from the canonical public page because private request content, recipient names, upload metadata, and stored files are not part of the public web.

Last updated 2026-07-10.