如何缩短Google Cloud Storage签名的下载URL?

编程入门行业动态更新时间:2024-10-24 04:35:56

本文介绍了如何缩短Google Cloud Storage签名的下载URL?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！问题描述

我有一个firebase应用程序，并且使用Firebase Storage上传图像.我使用firebase web sdk上传时返回的URL是合理的:

I have a firebase app, and I use Firebase Storage to upload images. the URLs i get back when I use the firebase web sdk to upload are reasonable:

firebasestorage.googleapis/v0/b/projectId.appspot/o/image.jpg?alt=media&token=51183d4a-551a-41e2-b620-14b44b8c86ed

但是，由于Firebase在其node.js SDK中不支持storage API，因此我必须使用Google Cloud Storage SDK:

However, since Firebase doesn't support the storage API in their node.js SDK, I have to use the Google Cloud Storage SDK:

bucketRef.upload(localImagePath, options, (err, file, response) => { file.getSignedUrl({ action: 'read', expires: '03-17-2030' }, (err, url) => { console.log(url) }) })

这将返回非常长的时间:

This returns the prohibitively long:

storage.googleapis/projectId.appspot/image.jpg?Googl eAccessId=firebase-adminsdk-xfe5z@projectId.iam.gserviceaccount&Expires=1899950400&Si gnature=fyotCYAbiWGuBGjwL0YDpByqZsKTdrwd9%2F7bZ88Rw8zP53dyEvcrIer6paYdzb%2BlH7OmJSRfcSxaAj7ur GhZw20a4k4b5InLufqrOhSuYAE6w5vM2Hp8vz1XgSXl9jOFym2wMPEn7RkVwjxnT3QJKSBa0vqnkXX0wQUF4CjvHjUxbS Tc9jj0NeNYUNmHGlZlVcKf%2BgE00rG9gt3QyCGAMt55h3kltMbyT%2FvnAYh%2FwuvhbVhX%2FNSCjieYb13KjjmDTgt l5NU5nWY9Cu0QBraAbn6GlsUUvj0hBB2Gi7OHnUNi218w3EPehy7YAy6RhTcnuhiZlFaLX3TSmBS%2BX%2F3%2BoA%3D% 3D

我将这些URL保留在firebase中，所以这似乎是一种存储负担，因为我要存储的图像数量开始接近6-7位数字范围.

I keep these URLs in firebase, so this stands to be kind of a storage burden as the # of images I'm storing starts to approach the 6-7 digit range.

有没有一种方法可以缩短这个时间?

Is there a way to shorten this?

推荐答案

简短的回答是否"，您不能缩短它.长答案是您不想缩短它:签名是一种加密签名的哈希，它封装了上面显示的信息(action和expires)，并且只要URL是URL，最终用户就可以执行该操作.有效.

The short answer is no, you can't shorten it. The long answer is that you don't want to shorten it: the signature is a cryptographically signed hash that encapsulates the information presented above (action and expires) and lets the end user perform that action so long as the URL is valid.

如果它更短，则有人可能会猜测您数据的URL，或者有可能通过已知的明文攻击将其破坏(以给定的已知明文相同的方式对其进行哈希处理，然后查看匹配的内容).

If it were shorter, someone could guess the URL for your data, or potentially break it by a known plaintext attack (hashing it in the same way with given known plaintexts and seeing what matches).