Windows Azure - Shared Access Signature (SAS URI) -
heres 3 questions you!
- is possible revoke active sas uri without refreshing storage key or using stored access policy?
in application, users share same blob container. because of this, using stored access policy, (max 5 per container), or refreshing storage key, (will result in sas uri's being deleted), not option me.
- is possible show custom errors if sas uri incorrect or expired?
this default page: 
- if let users create own sas uri uploading/downloading, need think setting restrictions? can abused? currently, in application, there restrictions on how allowed upload, no restrictions on how many sas uris allowed create. users can aquire how many sas uris long don't complete upload or exceed allowed stored bytes. how real filesharing websites deal this? how sas uri cost create?
edit - clarification of question 3.
before can upload or download blob must first sas uri. wondering if it's "expensive" create sas uri. imagine user exploiting this, creating sas uri on , on again without finishing upload/download.
i wondering how real filesharing websites deal this. it's easy store information how storage user using , information put restrictions etc, but... if user keeps uploading files 99% , cancel , restarts again , same thing, imagine cost alot host
to answer questions:
- no, ad-hoc sas tokens (i.e. tokens without storage access policy) can't revoked other changing storage key or access policy.
- no, @ time not possible customize error message. standard error returned storage service shown.
- you need provide more details regarding 3. stands, don't think have enough information comment.
update
regarding question how expensive creating sas uri is, 1 thing creating sas uri not involve making rest api call storage service there's no storage transaction involved. storage side, there's no cost involved in creating sas uri. assuming service web application, cost think of user making call service create sas uri.
regarding comment how real file sharing websites deal it, think unless file sharing website answers it, purely speculative.
(my speculative response :)) if running file sharing website, not worry kind of thing because folks don't have time "mess around" site/application. it's not users come website intention of "let's upload files till upload 99%, cancel upload , again" :). again, purely speculative response :).
Comments
Post a Comment