Jirafeau

Version: 4.7.1
Required minimum memory: 256MB
Last updated 26 Jan 2026
Install now

Recent Changes

  • Update Jirafeau to 4.7.1

  • Full Changelog

  • Fixed another possibility to bypass the checks for CVE-2022-30110, CVE-2024-12326 and CVE-2025-7066 (prevent preview of SVG images and other critical files) by sending a manipulated HTTP request with a MIME type like "image". When doing the preview, the browser tries to automatically detect the MIME type resulting in detecting SVG and possibly executing JavaScript code. To prevent this, MIME sniffing is disabled.

  • The default value of max_upload_chunk_size_bytes was set to 5000000. Higher values could trigger a bug Chromium-based browsers on servers with HTTP/3 enabled, causing asynchronous uploads to fail.

About

Jirafeau is a "one-click-filesharing": Select your file, upload, share a link. That's it.

Main features

  • One upload - One download link & one delete link
  • Shows progression: speed, percentage and remaining upload time
  • Preview content in browser (if possible)
  • Optional password protection (for uploading or downloading)
  • Set expiration time for downloads
  • Option to self-destruct after first download
  • Shortened URLs using base 64 encoding
  • Maximal upload size configurable
  • NO database, only use basic PHP
  • Simple language support with a lot of langages (help us on weblate!)
  • File level Deduplication for storage optimization (does store duplicate files only once, but generate multiple links)
  • Optional data encryption
  • Small administration interface
  • CLI script to remove expired files automatically with a cronjob
  • Basic API
  • Bash script to upload files via command line
  • Themes
Install Jirafeau in a few minutes on your server with Cloudron. To install Cloudron first, follow our setup steps.
Mastodon Mastodon