A production-ready, secure pastebin built on Cloudflare Workers with one-time view capability, comprehensive analytics, and a beautiful modern UI. Perfect for sharing code snippets, logs, and sensitive data with automatic expiration.

🎯 Keywords: secure pastebin, code sharing, one-time view, Cloudflare Workers, TypeScript, edge computing, serverless, privacy-focused, auto-expiration, paste sharing

Official Instance: https://1paste.dev - Ready to use right now!

• 🌟 Try it Live!
• ✨ Features
• 🚀 Quick Start
• 🎯 Usage
• 📖 API Documentation
• ⚙️ Configuration
• 🤝 Contributing
• 📄 License
• 🔗 Links

🍴 Forked this repo? Update the deploy button and links! See SETUP.md for quick customization.

• 🔥 One-time view: Pastes are automatically deleted after being viewed once (optional)
• 👁️ Multi-view mode: Allow multiple views until expiration
• ⏰ Auto-expiration: Configurable expiry times (5 minutes to 30 days)
• 🛡️ Content validation: Suspicious pattern detection and content quality checks
• 🚫 XSS protection: Full HTML escaping and secure rendering
• 🚦 Rate limiting: Configurable limits to prevent abuse
• 🔑 Secure IDs: Cryptographically secure paste identifiers
• 🗑️ Manual deletion: Recipients can delete pastes before expiration

• 📋 One-click copy: Simple, reliable copy button that works everywhere
• 💾 Multiple download formats: Auto-detect, TXT, and Markdown with metadata
• 🎨 Beautiful UI: Modern purple gradient design with responsive layout
• 📱 Mobile-friendly: Works perfectly on all device sizes
• ⚡ Progressive enhancement: Full functionality with or without JavaScript
• 🖱️ Click-to-select: Click content area to select all text
• ⌨️ Keyboard shortcuts: Quick actions for power users

• 🎯 Auto-detection: Smart language detection from content patterns
• 25+ languages: JavaScript, Python, Java, Go, Rust, SQL, and more
• 📝 Syntax highlighting: Beautiful code formatting (planned)
• 📊 Language analytics: Track most popular programming languages

• 📈 Usage tracking: Views, shares, and errors with privacy-focused hashing
• 🌍 Geographic insights: Optional IP-based location tracking
• 📅 Time-based statistics: Hourly and daily usage patterns
• 📊 Trend analysis: Growth metrics and popular usage times
• 🔍 Health monitoring: Built-in health checks and error tracking

• ⚡ Edge computing: Cloudflare Workers for global performance
• 🗄️ KV Storage: Distributed key-value storage with automatic TTL
• 📦 Zero dependencies: Minimal attack surface, maximum security
• 🔧 TypeScript: Full type safety and excellent developer experience
• 🧩 Modular design: Clean separation of concerns
• 🌐 API-first: RESTful API with beautiful web interface

• Node.js 18+
• npm or yarn
• Cloudflare account
• Wrangler CLI

Note: If you forked this repository, update the placeholders first! See SETUP.md for instructions.

1. Clone the repository:

git clone https://github.com/YOUR_USERNAME/YOUR_REPO_NAME.git
cd secure-pastebin
npm install

2. Create Cloudflare KV namespaces:

# Create production namespaces
wrangler kv namespace create PASTES_KV
wrangler kv namespace create ANALYTICS_KV

# Create preview namespaces for development
wrangler kv namespace create PASTES_KV --preview
wrangler kv namespace create ANALYTICS_KV --preview

3. Update wrangler.toml with your namespace IDs:

[[kv_namespaces]]
binding = "PASTES_KV"
id = "your-pastes-namespace-id"
preview_id = "your-pastes-preview-id"

[[kv_namespaces]]
binding = "ANALYTICS_KV"
id = "your-analytics-namespace-id"
preview_id = "your-analytics-preview-id"

4. Start development:

npm run dev
# Visit http://localhost:8787

5. Deploy to production:

npm run deploy

1. Visit your deployed URL
2. Paste your content (code, text, logs, etc.)
3. Choose settings:
   • Title: Optional descriptive title
   • Language: Auto-detected or manually selected
   • Expiry: 5 minutes to 30 days
   • View mode: One-time or multiple views
4. Share the link - recipients can view and copy content
5. One-click copy - Simple copy button that works everywhere

curl -X POST https://your-domain.workers.dev/create \
  -H "Content-Type: application/json" \
  -d '{
    "title": "My Code Snippet",
    "content": "console.log(\"Hello, World!\");",
    "language": "javascript",
    "expires": "24h",
    "oneTimeView": false
  }'

curl https://your-domain.workers.dev/s/abc123def456 \
  -H "Accept: application/json"

interface CreatePasteRequest {
  title?: string;           // Optional title
  content: string;          // Paste content (required)
  language?: string;        // Programming language
  expires?: string;         // Expiry time (5m, 1h, 24h, 7d, 30d)
  oneTimeView?: boolean;    // One-time view mode (default: true)
}

interface CreatePasteResponse {
  success: true;
  id: string;               // Paste ID
  shareUrl: string;         // Full sharing URL
  title?: string;           // Paste title
  language: string;         // Detected/specified language
  expiresAt: string;        // ISO expiration date
  size: number;             // Content size in bytes
  createdAt: string;        // ISO creation date
  oneTimeView: boolean;     // View mode
}

# wrangler.toml
[vars]
ENVIRONMENT = "production"
MAX_PASTE_SIZE = "1048576"        # 1MB max paste size
MAX_TITLE_LENGTH = "200"          # Maximum title length
DEFAULT_EXPIRY_HOURS = "24"       # Default expiry time
RATE_LIMIT_CREATE = "10"          # Max pastes per minute per IP
RATE_LIMIT_VIEW = "100"           # Max views per minute per IP
ANALYTICS_ENABLED = "true"        # Enable usage analytics

25+ programming languages with auto-detection:

• Web: JavaScript, TypeScript, HTML, CSS, JSON
• Backend: Python, Java, Go, Rust, C/C++, C#, PHP, Ruby
• Data: SQL, YAML, XML, Markdown
• DevOps: Shell, Bash, PowerShell, Dockerfile
• And more: Swift, Kotlin, Scala, R

┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
│   Web UI        │    │   REST API      │    │   KV Storage    │
│                 │    │                 │    │                 │
│ • Form handling │    │ • Create paste  │    │ • Paste data    │
│ • Copy buttons  │    │ • View paste    │    │ • Analytics     │
│ • Downloads     │    │ • Delete paste  │    │ • Auto-expiry   │
│ • Responsive    │    │ • Analytics     │    │ • TTL cleanup   │
└─────────────────┘    └─────────────────┘    └─────────────────┘
         │                       │                       │
         └───────────────────────┼───────────────────────┘
                                 │
                    ┌─────────────────┐
                    │ Cloudflare Edge │
                    │                 │
                    │ • Rate limiting │
                    │ • Security      │
                    │ • Caching       │
                    │ • Global CDN    │
                    └─────────────────┘

src/
├── core/                    # Core business logic
│   ├── storage.ts          # KV storage operations
│   ├── security.ts         # Security & validation
│   ├── analytics.ts        # Usage analytics
│   └── utils.ts            # Utilities & helpers
├── handlers/               # Request handlers
│   ├── create.ts          # Paste creation logic
│   └── view.ts            # Paste viewing & deletion
├── ui/templates/           # HTML templates
│   ├── error.ts           # Error pages
│   └── view.ts            # Paste view template
├── config/                 # Configuration
│   └── constants.ts       # App constants
└── worker.ts              # Main entry point

npm run dev          # Start development server
npm run build        # Build TypeScript
npm run deploy       # Deploy to Cloudflare
npm run type-check   # Run TypeScript checks

1. Start development: npm run dev
2. Make changes to TypeScript files
3. Test locally at http://localhost:8787
4. Build and deploy: npm run build && npm run deploy

# Test paste creation
curl -X POST http://localhost:8787/create \
  -H "Content-Type: application/json" \
  -d '{"content": "test", "expires": "1h"}'

# Test paste viewing
curl http://localhost:8787/s/PASTE_ID

# Test analytics
curl http://localhost:8787/api/stats

• HTML escaping: All user content is escaped to prevent XSS
• Content validation: Detects suspicious patterns and potential security issues
• Size limits: Configurable maximum paste size (default: 1MB)
• Rate limiting: Per-IP limits to prevent abuse

• Automatic cleanup: Expired pastes are automatically deleted
• IP hashing: IP addresses are hashed for analytics (not stored raw)
• No tracking: No cookies or persistent tracking
• Minimal logging: Only essential error information is logged

• Secure IDs: Cryptographically secure paste identifiers
• One-time view: Optional automatic deletion after first view
• Manual deletion: Recipients can delete pastes before expiration
• No enumeration: Paste IDs cannot be guessed or enumerated

Access analytics at /api/stats:

{
  "totalShares": 1250,
  "totalViews": 3780,
  "uniqueVisitors": 892,
  "languages": {
    "javascript": 425,
    "python": 380,
    "text": 210
  },
  "topLanguages": [
    {"language": "javascript", "count": 425, "percentage": 34}
  ],
  "trends": {
    "sharesGrowth": 15,
    "viewsGrowth": 8,
    "popularHours": [14, 15, 16]
  }
}

Health check endpoint at /api/health:

{
  "status": "healthy",
  "timestamp": "2024-01-01T12:00:00.000Z",
  "version": "1.0.0",
  "features": {
    "storage": true,
    "analytics": true,
    "security": true
  }
}

1. Create KV namespaces (see Quick Start)
2. Configure wrangler.toml with your settings
3. Deploy: npm run deploy
4. Add custom domain (optional) in Cloudflare dashboard

# Install Wrangler CLI
npm install -g wrangler

# Login to Cloudflare
wrangler login

# Deploy
npm run deploy

1. Go to Workers & Pages → Your Worker → Settings → Triggers
2. Add Custom Domain
3. Update base URL in your application if needed

We welcome contributions! Here's how to get started:

1. Fork the repository
2. Create a feature branch: git checkout -b feature/amazing-feature
3. Make your changes
4. Test thoroughly
5. Commit: git commit -m 'Add amazing feature'
6. Push: git push origin feature/amazing-feature
7. Open a Pull Request

• ✅ TypeScript: Use strict typing
• ✅ Testing: Test your changes locally
• ✅ Documentation: Update docs for new features
• ✅ Code style: Follow existing patterns
• ✅ Security: Consider security implications

• 🎨 Syntax highlighting with Prism.js
• 🔍 Search functionality
• 👥 User accounts and paste management
• 🔗 Paste collections and folders
• 📧 Email notifications
• 🔒 Password protection
• 📱 Mobile app

This project is licensed under the MIT License - see the LICENSE file for details.

• Cloudflare Workers - Edge computing platform
• TypeScript - Type safety and developer experience
• Wrangler - Development and deployment tools
• Open source community - For inspiration and best practices

• 🐛 Bug Reports: GitHub Issues
• 💡 Feature Requests: GitHub Discussions
• 📖 Documentation: This README and inline code comments
• 🚀 Deployment Help: Cloudflare Workers Docs

If you find this project useful, please consider giving it a star! ⭐

• 🌐 Live Demo: https://1paste.dev
• 📊 GitHub Repository: https://github.com/viralburst/pastebin
• ⚡ Cloudflare Workers: https://workers.cloudflare.com/
• 🔧 TypeScript: https://www.typescriptlang.org/
• 🛠️ Wrangler CLI: https://developers.cloudflare.com/workers/wrangler/
• 📚 Documentation: DEPLOYMENT.md | CONTRIBUTING.md | SECURITY.md

Made with ❤️ using Cloudflare Workers and TypeScript

Secure, fast, and beautiful paste sharing for developers

⭐ Star this repo if you find it useful! ⭐