The UploadKit blog
Tutorials, comparisons and engineering notes from the team building file uploads for developers.
- Engineering
Chunked and resumable uploads explained
How chunked and resumable uploads work under the hood — S3/R2 multipart, the tus protocol, and a minimal TypeScript implementation you can actually ship.
- Engineering
File upload progress bars done right
Most file upload progress bars lie. Here's the real model — queued, uploading, processing, complete — and a React state machine that handles retries and multi-file aggregation.
- Engineering
Building an MCP server for your SaaS: lessons from UploadKit
How to design, ship, and register an MCP server so AI coding assistants become first-class users of your SaaS. Stdio vs HTTP, tools, auth, and gotchas.
- Engineering
File upload security: the 12-point checklist
OWASP-aligned file upload security checklist. MIME validation, magic bytes, presigned URLs, virus scanning, content-disposition, rate limiting — with code.
- Engineering
BYOS explained: owning your storage without building it
Bring Your Own Storage lets you keep buckets, billing, and compliance while using a managed upload SDK. Here's how the pattern works and how UploadKit ships it.
- Engineering
Presigned URLs vs server proxy uploads: which to choose
Architectural comparison of presigned URLs vs server proxy uploads. Latency, cost, security, and observability trade-offs with a clear recommendation.