Home > Net >  Firebase Storage Security Rules - Does the match statement match for strings placed anywhere in a fi
Firebase Storage Security Rules - Does the match statement match for strings placed anywhere in a fi

Time:07-25

Accordingly to this section in the official docs, these security rules:

service firebase.storage {
  match b/{bucket}/o {
    // Matches any filename containing string '/images/'.
    match /images/{imageId} {
      allow read, write: if false;
    }

    // Matches all filenames containing string `/images/`
    match /images/{imageId=**} {
      allow read, write: if true;
    }
  }
}

All reads and writes to files with the string /images/ anywhere in their filename will be allowed because the second rule is always true, even though the first rule is always false.

I understand the naming conventions to emulate a file system and the overlapping stuff... but, does that "anywhere" mean these permissions apply to filenames like /foo/bar/images/profilePicture.png? (Just asking because it is strange to me, I supposed rules won't apply to files with another prefix, just supposed they must start with images)

CodePudding user response:

That actually looks like a mistake in that sample. As far as I know the first match /images/{imageId} matches file that are immediately under the images filter, while the second match /images/{imageId=**} also matches files that are in deeper nested folders under /images.

  • Related