I have an image in an Azure blob storage container that needs to be displayed. The image contains sensitive data and therefore the URL cannot be revealed. The storage account and the key vault containing the connection credentials are secured using Managed Identity. I am a Junior Dev and am looking for the best practice to implement this. I am using .NET6/Razor Pages for both front and back end. Thank you for any/all advice and help!
I have tried using the blob storage API to get the blobs in the container, and that works as intended. However the URL is revealed and the image can be downloaded.
CodePudding user response:
As already stated in the comments: That's not something you can solve by technical means. Everybody that can view the image can also store it (or take a screenshot - in the ugliest case with a cell phone). This problem needs to be solved by trust. If you hrust the person viewing the image, you need to trust him that he's not abusing the image (or any data he's working with, by the way). If you don't trust him, don't give him access.
This kind of problems really cannot be solved by technical means, only by the "human factor".