Wow the people in this thread are a huge bummer. This is much cooler and I doubt this is a real safety issue. You can already sign up for a free cloudflare account and deploy it for free, on your own, on a free workers.dev domain. The friction removal here isn't going to meaningfully change the security / amount of malicious content.
I co-founded a page builder for WordPress. Myself and my co-founders would joke about the "friends and family" problem. When friends or family asked us to help build their website, we usually pointed them away from our tool+WordPress for something simpler. It's nice to see more options out there that reduce the friction from someone with an idea to something published and sharable.
Several weeks ago, I got frustrated hitting the free tier limits on Netlify, and was looking for a self-hosted solution for this problem. I built it using a DO VPS and Caddy in the backend. It's free on Github. I was able to get the whole thing set up in an hour or two with the help of an agent. Feel free to give it a spin.
Netlify made this 10 years ago... they even copied the name! https://app.netlify.com/drop
They had a short blog post about this:
https://developers.cloudflare.com/changelog/post/2026-07-08-...
There must be some really good protection on this. If I enabled such a thing on any of my servers it would be full of warez, porn, malware, CSAM and who knows what else within minutes. Curious how they manage to keep it clean.
There is a reason I had to lock my better version of this (https://quickish.site) behind Google OAuth to start. Like it or not, this type of stuff is going to be more popular than it was when Netlify / Heroku was doing it a decade ago.
So, if I need a company website, can i do the following:
- drop my html into Cloudflare drop
- setup a CNAME DNS for my domain to point at cloudflare URL
- profit
?
Cloudflare is obviously more trustworthy/robust here, but if name of the url matters to you, my site non.io [1] allows for named uploads, ie https://html.non.io/solara [2]
Somewhat useful if you want a url that isn't a hash / is more self descriptive.
[1] Launch discussion: https://news.ycombinator.com/item?id=36296695
[2] This was a demo of the output of a design tool I'm working on, only the home/accommodations/about pages work.
Cloudflare Drop: finally, a domain registrar that understands the real use case is buying 47 domains at 3am and never deploying anything to any of them
Reminds me of web development in the 1990s.
I honestly miss those days of deployment simplicity.
Hmm, that's fun and useful. Here is snake game for 60 minutes.
It is cool to see not sure why you would use it.
Also it seems to me that this is a good way to exfiltrate data, rubber stamped by cloudflare themselves.
Makes sense. It plays nicely with the vibe code kids who don’t know how to do GitHub or don’t know to ask their LLM about it.
Wonder if it has CLI so coding agents can forward path straight to their API and it would give the CLI site's address. Now that would be cool!
I think this is great. As usual the reaction from HN folks is on brand.
Desktop operating systems should be able to run zipped web apps the way Electron apps run today. It ought to just be part of the OS.
Cool, it worked!
https://drop-1e1a536f-10d.honeysuckle-gull.workers.dev/
It's minesweeper, but the logic uses xstate/store. The link in the bottom is broken; it's supposed to go to `building-minesweeper-with-xstate-store.html`
I have no need for this but I love that my friends could vibe out a website, drop it here, claim it, and host it for pennies. This is great.
"Your site is reachable within ~32ms of 95% of the world’s Internet-connected population" isn't new but it's cool to see that achieved so trivially.
>Something went wrong An unexpected error occurred. Please try again or contact support.
I have a few qualms with this app.
I can see this interface is for vibe coders haha
I have been hosting static websites with cloudflare for years and finding how to do it on the UI is getting harder as they add more things and reoranize.
Dropped a folder with a small HTML project, and after 20 seconds got "Something went wrong. An unexpected error occurred. Please try again or contact support.".
Note how the error has zero information.
Looking in the network tab, a POST request to /upload returned 403 and an HTML page starting with "Sorry, you have been blocked", and to "email the site owner to let them know you were blocked".
I'm very tired of this adversarial approach to software coupled with vague errors.
EDIT: it was the file './git/hooks/fsmonitor-watchman.sample' created by default on git init. Maybe because it's Perl. Worse-than-useless "please try again" and "you've been blocked" for committing the sin of uploading a folder that's a git repository. Sigh...
JAMstack for the rest of us I suppose.
Wait, my first impression was that it points a local browser to your local browser. Now it looks like it uploads your folder to Cloudflare and temporarily serves it over the web. But is that different from what we used to do with FTP? Are there any databases or anything like basic PHP hosts supply? It's just static sites?
Is this a product or what? What's the purpose? Is there an API?
Tried uploading a ZIP and got:
"Something went wrong An unexpected error occurred. Please try again or contact support."
All I ever get is "Something went wrong An unexpected error occurred. Please try again or contact support."
Hah! This is exactly how I’m serving the vestigial remnant of my blogging in the early 2000s from a ZIP-backed Cloudflare Worker today. Should I rebuild my site with Drop+Claim or is it fine as-is? I kind of feel like ‘if what I have works, don’t change it’ is the best path.
This is pretty cool, thanks for sharing. It really enables less tech savvy users. It would really enable frontpage/dreamworks-like flows for some people
> No account needed. Deployment is active for 60 minutes, then expires unless you claim it.
Yet I can't drag and drop a plain old HTML file without putting it in a folder or a ZIP file first.
Extension of the temporary accounts they needed to enable for Agents https://blog.cloudflare.com/temporary-accounts/
Cool, just 20 years too late.
Look. Guys (?)
If cloudflare wants to be the next "Megaupload" what business is it of yours?
There is a guy named kim DOT com. That is actually fucking cool. Whether or not he himself is actually cool. Or in prison.
This is cool and I like it.
Odds are that this new feature will not suffer the same outcome as Megaupload, because of Cloudflare's close relationship with the USG.
Cloudflare folks: Please consider supporting WARC archives for deployment.
It would be nice if we could see some information such as file size limitations, demos, link structure, management, etc. Am I expected to upload a random HTML file and see how it works?
Cloudflare is really good at launching features that facility low-friction deployment of malicious content (such as phishing) on the Internet, piggybacking on their hosting reputation and the fact that you can't easily block their ASN or domains.
It could be fun to use a temporary Mediafire/Rapidshare/Megaupload service. Especially if you need to transfer something between an Android and an iPhone.
geocities/angelfire but for Gen Z and A
The internet will soon be flooded with even more scam landing pages.
This definitely won't get used to host unlimited phishing sites. /s
This is so cool.
Cloudflare has the astonishing ability to make me hate them more as a company every new feature they launch.
Congratulations on launching!
I tried uploading a git repository that I have previously successfully published on Github pages. This is a "no build" website I have built with the help of Claude. It should just work but I keep getting an error. Who can I reach out to give them steps to reproduce? The website repository is public and I feel like anyone at Cloudflare who wants to reproduce my problem can quite literally clone my repo and upload it to cloudflare drop.
Please drop your cloudflare email address and I will reach out to you with my repository information.
oh wow, a blast from the past. I remember a site called staticdrop or statichost like a decade ago, before vercel and everything that did the same thing
Good to see great ideas making a comeback