Continue to serve download page until after 24 hour expiry

[ehuggett]

When using a download link the error page "This link has expired or never existed in the first place!" should not be displayed until after the 24 hour expiry. Currently, if the file has been downloaded, the error page is displayed immediately.

A file sender can determine when the receiver has downloaded the file by simply repeatedly loading the URL for it until the error message is displayed. If this was scripted it might achieve easily achieve an accuracy of seconds (but don't know if that would be for when the receiver started the download or finished it without checking).

As downloading the file is a 'destructive' action I can't see any remaining issues if the error page is not displayed until the user clicks "download", other than the unavoidable (if files can only be downloaded once) ability for the sender to determine that the file has NOT been downloaded by the recipient as they did not get the error message. I understand this may be confusing from a user perspective (i.e "why did they show me a download button if it wasn't going to work"), but its being done to protect their privacy and perhaps other changes can be made to make it less confusing ie changing the error page to state "This file has already been downloaded, has expired or never existed in the first place! subtitle: We deny everything to protect the privacy of our users, sorry we can't be more specific." (which would complement the current 'footer' text "Send files through a safe, private, and encrypted link that automatically expires to ensure your stuff does not remain online forever.").

This would effectively make #159 a "feature" instead of a bug, as the page not reloading would be irrelevant (it would work as intended when they click Download).

If the recipient cannot opt out of #324 then what I consider undesirable behaviour would be by design and the error page would be irrelevant, but it would still be required if the user will be warned the sender requested a notification before they start the download. (edit: for clarity that should have read "still required if they are warned with the ability to opt out")

[ehuggett]

Ah, somehow I missed the senders client keeps a list of previously uploaded files and appears to be checking that they still exist by requesting send.firefox.com/exists/

I can see the utility of it for the sender, but I doubt the receiver would expect Mozilla to be passing back metadata about their activities. I am also suggesting that it should NOT be possible to check if known fileid's are downloadable without also destroying them (causing their deletion).

Instead, The senders list of uploaded files could display the entry until their local clock states it has expired? (if download notifications were enabled they could perhaps cause it to be deleted)