Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
348 views
in Technique[技术] by (71.8m points)

Firebase Storage Security?

I was wondering if the security rules for Firebase storage are bypassed if someone directly has the link to the stored file. So, for example, if there was an image with the link: https://firebasestorage.googleapis.com/v0/b/my-app.appspot.com/o/images%2FDUm5uTbE1sh8Ey6xjFRiumCMyI42%2Fimage1?alt=media&token=cbeff037-d7e8-43d1-924c-3338ddf5305b

and a random person had access to this link, they would be able to the view the image, regardless of any security rules, right?

Do security rules for Cloud Storage then only apply when the Cloud Storage is directly accessed through the Firebase API and not through an outside link like this?

Thanks

question from:https://stackoverflow.com/questions/65915225/firebase-storage-security

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Yes they can access the image directly with the link, the security rules are overruled when you directly open the database or share the link to the database


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...