stackoom
  简体   繁体   中英

How can I filter requests to Google Cloud Storage depending on their HTTP headers?

 原文  2022-11-29 08:54:46       http-headers/ google-cloud-storage/ firebase-storage/ firebase-security

Question

My use case is that I have pretty large files (>2GB, these are Cloud Optimized Geotiffs) on Google Cloud Storage, which can be used in applications through HTTP range requests.

I would like to filter out requests that are missing the Range header.

This would avoid the case of users downloading the whole file. (I guess someone could still make a range request for the whole file with a bit of work, but i am not concerned about this.)

The documentation ( https://firebase.google.com/docs/storage/security/rules-conditions#request_evaluation ) says "HTTP headers and authentication state are also included", so I would expect to be able to use this information in the security rules.

Is it possible at all and if it is, how?

I cannot find any example of using HTTP headers in the security rules conditions. I have also tried the rules playground in Firebase, but didn't figure out how to access the request headers.

2 answers

solution1
 2  2022-12-01 09:54:56

It doesn't seem like there's any way to access HTTP headers. The only request variables are those in the document

You can try the request.params variable which will be populated with query params present in the request

eg. <firebase storage url>?myParam=true -> request.params.myParam == "true" should work

solution2
 0 ACCPTED  2022-12-12 00:58:35

No, it is not possible to filter requests depending on HTTP headers.

The request variable in the security rules does not include HTTP headers. (As stated by a firebaser in the comments of Roopa M's answer.) The documentation has been updated since this question was asked, and does not state any longer that this information is included.

Roopa M's answer gives an idea to filter requests based on query parameters, which might help you, but is independent from HTTP headers.

In order to really handle queries according to HTTP headers in the context of firebase, it is probably necessary to rely on a cloud function that will act as middleware. These have access to the full HTTP request if i am not mistaken.

Alternatively, this kind of rule should be reasonably easy to implement in a regular web server like Nginx, if you have the option to build your project in such an environment.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How can I automate data loading into Google Cloud Storage? How can I upload files to google cloud storage without token in JavaScript How can I update an object metadata through Google Cloud Storage using Python aiohttp PATCH request? How can I upload files to Cloud Storage through Cloud Functions and use Firestore to control access to Cloud Storage? Python and "import requests" on HTTP Google Cloud Functions TensorBoard can not read summaries on Google Cloud Storage Automatically retrieving large files via public HTTP into Google Cloud Storage How to migrate local storage (active storage) to google cloud storage Concatenate 1000 CSV file directly in Google Cloud Storage? Without duplicated headers? Module not found: Can't resolve 'fs' on @google-cloud/storage
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM