Reputation: 3
How can I prevent an Azure Storage Shared Access Signature based on a Stored Access Policy being cached in the browser
I have generated an Azure Storage Shared Access Signature based on a Blob specific Stored Access Policy through Storage Explorer and have tested the generated URI in both Firefox and Chrome.
However, if I delete the SAP and/or regenerate the Storage Account Key, I can still access the Blob through that browser using the previous SAS.
Although clearing the Cached Web Content (or Chrome equivalent) resolves the issue I thought that deleting the SAP would immediately prevent further access (I only tried regenerating the key as a last resort and even that didn't work).
Is anyone aware of a way that I can prevent this browser caching of the SAS as it seems like a security issue to me.
Upvotes: 0
Views: 701
Answers (1)
Reputation: 29995
Please try to set the blob property CacheControl to max-age=0 or no-cache.
In storage explorer,right click the blob -> then in the context menu, select properties -> then scroll to CacheControl. Screenshot as below:
Upvotes: 2
Related Questions
- How to create a shared access signature with a stored access policy for an Azure Blob container in Azure Portal?
- how to revoke Shared Access Signature in Azure SDK
- Azure: Shared access signature generated by the SDK does not work in browser
- Controlling cache in Azure static web site
- Managing Stored Access Policy
- Azure Shared Access Signatures To Restrict Access
- Azure Blob: revoking Shared Access Signature Policy
- Revoke Shared Access Signatures after initial access in Azure Storage
- Azure BLOB Shared Access Signature at the BLOB level, not container
- Revoking shared access signatures on individual blobs