sas token for containerAccessLevel = 'blob' doesn't make sense

symphonicc / multer-azure-blob-storage

ES6 & Typescript friendly multer storage engine for Azure's blob storage.

MIT License

19 stars 25 forks source link

sas token for containerAccessLevel = 'blob' doesn't make sense #2

Closed jakubzloczewski closed 6 years ago

jakubzloczewski commented 6 years ago

Please correct me if I'm wrong.

My understanding is that containers with type of 'Blob' are accessible anonymously - so generating sas tokens for this type of container is redundant.

I've tried with files from my Blob container and when I have generated url with expired signature then file is not accessible but when I remove all parameters from url then anyone can open file.

Sliverb commented 6 years ago

You are right. From my understanding, i thought we were able to set different permission levels for the container/blobs. I just tried removing the params as you suggested and surprised i could also open the file.

I'll have to go figure out if blob access level can be secured.

Thanks for this new knowlege

Sliverb commented 6 years ago

Closing for now as it doesn't affect functionality. But I will improve on this to skip the tokens for blob types