I was wondering if the security rules for Firebase storage are bypassed if someone directly has the link to the stored file. So, for example, if there was an image with the link: https://firebasestorage.googleapis.com/v0/b/my-app.appspot.com/o/images%2FDUm5uTbE1sh8Ey6xjFRiumCMyI42%2Fimage1?alt=media&token=cbeff037-d7e8-43d1-924c-3338ddf5305b
and a random person had access to this link, they would be able to the view the image, regardless of any security rules, right?
Do security rules for Cloud Storage then only apply when the Cloud Storage is directly accessed through the Firebase API and not through an outside link like this?
Thanks
Yes they can access the image directly with the link, the security rules are overruled when you directly open the database or share the link to the database
1.4m articles
1.4m replys
5 comments
57.0k users
