Firebase Storage共享下载网址存在安全风险吗？ [英] Firebase Storage share download url a security risk?

问题描述

我在Firebase存储中保存了一个图像。我想在发送的多封电子邮件中显示此图像。到目前为止，我已经使用了从Firebase控制台获得的下载URL，并且图像显示成功。我的问题是：这是共享图像的正确方法吗？安全吗？如果没有，那么我应该如何获得到该图像的安全链接？

I have an image saved in my Firebase Storage. I would like to display this image in multiple emails that I send. I have so far used the download URL as obtained from my Firebase console and the image displays successfully. My question is: Is this the correct way of sharing the image? Is it secure? If not, then how should I get a secure link to that image?

在这里是我从Firebase控制台中获得下载URL的位置：

Here's where I got the download URL from, in the Firebase console:

对此将提供任何帮助。

推荐答案

使用下载URL是在应用程序外部或不需要登录的用户之间共享文件的适当方法。

Using a download URL is the appropriate way to share files outside of an application, or to users who don't need to be logged in.

我很好奇您所说的安全是什么意思？如果您与某人共享对象，他们可以将链接转发给可以下载该对象的其他人，但他们也可以下载并共享该对象。

I'm curious what you mean by "is it secure"? If you're sharing the object with someone, they can forward the link to someone else who can download it, but they can also just download the object and share it as well.

如果要基于特定用户控制访问，则需要让用户登录并在应用程序中下载对象，而不要使用下载URL。再一次，他们可以在这里获取下载的对象并与其他任何人共享。

If you want to control access based on a particular user, you'll need to have users log in and download the objects in an application, rather than using download URLs. Granted, again, here they can take the downloaded object and share it with anyone else.

这篇关于Firebase Storage共享下载网址存在安全风险吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！