How the explorer works
Is there a web-based file browser for S3 buckets?
Yes, this is one. Open a bucket and it renders as a folder tree you can walk, search, and preview, in your browser, with no CLI and no desktop client. It runs entirely client-side.
Do I have to use Storm to use it?
No. Point it at any S3-compatible bucket you already run. That is the whole idea: "no lock-in" is only real if the tool works on storage that is not ours, so it does. Storm Buckets hosts S3 in Canada, we just do not trap you in it.
Does the explorer see or store my access key?
No. Your browser holds the key, signs each S3 request itself, and talks straight to the bucket. Storm's servers never receive the secret and are never in the path of a single read or write.
Which S3 providers does it work with?
Any S3-compatible endpoint: Storm Buckets, your own Garage or MinIO node, AWS S3, Backblaze B2, Wasabi. If it speaks S3 and allows browser access, it works.
Do I need to install a CLI or a desktop app?
No. It is a web page. Nothing to install, nothing to keep updated.
Why does my bucket need a CORS rule?
Because the page talks to your bucket directly from your browser, the bucket has to allow this site's origin in its CORS config. There is deliberately no Storm backend proxying the request, a proxy is exactly the lock-in we refuse, so the permission lives on your own bucket. Most providers set it in a few lines.
Where does my secret get stored?
You choose, per bucket: kept in this tab only and forgotten when you close it, remembered in this browser, or encrypted at rest behind a passphrase you set. Storm never receives the passphrase.
Can Storm read my files?
Your key never reaches Storm's servers, so nothing you do here passes through Storm. If you host your data on Storm Buckets, Storm's operators have root on the node, like any host, so the honest claim is auditability, not zero-knowledge. If you need protection from that too, encrypt your files before you upload them.