Fatih BAKIR
Reputation: 4725
Firebase storage rules, `request.resource.md5hash` is null
I'm trying to build a web app using FireBase backend and I have a storage rule as the following:
service firebase.storage {
match /b/stuff.appspot.com/o {
match /images/{fname}
{
allow read: if true;
allow write: if request.resource.md5hash != null;
}
}
}
However, when I try to put data to images/filename, I'm getting a storage/unauthorized error. If I remove the condition and set to just true, it works as expected and therefore I think the request.resource.md5hash is null.
What am I missing? Because I would expect any file to have a non-null md5 hash.
Additional notes:
- If I remove the md5 condition and upload a file without any check, I can get the
md5Hashin the client of the uploaded file. Therefore, a hash is actually being calculated at some point. - In the reference about storage rules
md5hashfield is used, so it's expected to work.
Upvotes: 0
Views: 466
Answers (1)
Mike McDonald
Reputation: 15963
Two things:
- The property is actually
md5Hash(our reference docs are wrong, I just fixed them) - The
md5Hashis currently not being passed through to rules (yep, it's a bug, and we're fixing it now, though it takes some time to roll out to production)
We're working on passing the MD5 through, so hold tight :)
Upvotes: 3
Related Questions
- Firebase Storage security rules playground "Simulated read denied"
- Why am I getting an unauthorized firebase storage error?
- Firebase storage rule resource variable returns null
- Firebase Storage Rules - access granted doesn't match rules
- Firebase storage security rule parameter hash
- Firebase storage rules "unauthorized"
- Firebase Storage security rule error- User does not have permission
- Cannot access firebase storage rules
- Firebase storage security rules not working
- Firebase Storage security read rule ignored