Accessing CSV in private Blob Storage using Access Token (SAS token URL in Azure, Signed URL in GCP, Presigned URL in AWS) #174
Comments
Hi I am using a BYOR image and trying to use a private URL from Azure blob storage. But while browsing the issues I found yours. Are you able to load from the blob storage ? For the hack that you mentioned, should the URL be ending in secure-token.CSV or "=csv" ? Please let me know. |
I store my CSV in blob storage that is secured (e.g. not publicly accessible).
Taking Microsoft Azure's Blob Storage as an example, the URL would be something like:
https://mystorageacct.blob.core.windows.net/container-storage/radar.csv
However, this isn't publicly available, so can't supply that as input.
All these cloud providers have the ability to create URLs that embed an access code of sorts, giving access to the CSV file to anyone who meets the criteria (whitelisted set of IPs, date/time range etc). The URL generated might look like so:
https://mystorageacct.blob.core.windows.net/container-storage/radar.csv&sp=r&st=2021-03-23T18:27:51Z&se=2021-03-24T02:27:51Z&spr=https&sv=2020-02-10&sr=b&sig=a-secure-token-goes-here
As it stands, this line in the code will fail to parse such URL:
build-your-own-radar/src/util/factory.js
Line 209 in 54435ff
... as it expects the URL to finish in '.csv'.
As a hack, I have been appending an extra parameter to my secure URL (e.g. https://mystorageacct.blob.core.windows.net/container-storage/radar.csv&sp=r&st=2021-03-23T18:27:51Z&se=2021-03-24T02:27:51Z&spr=https&sv=2020-02-10&sr=b&sig=a-secure-token-goes-here&hack=csv) which works a treat, but I wondered if the code could be enhanced so that the is it a CSV or GoogleSheets decision is carried out differently.
Thanks
The text was updated successfully, but these errors were encountered: