0

The Rails 8 Guide states:

By default, Active Storage assumes private access to services. This means generating signed, single-use URLs for blobs. If you'd rather make blobs publicly accessible, specify public: true in your app's config/storage.yml:

However they are the same all the time, despite that I run it multiple times:

Rails.application.routes.url_helpers.rails_blob_path(model.video, only_path: true, redirect: false)
=> "/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsiZGF0YSI6MTYsInB1ciI6ImJsb2JfaWQifX0=--30a44e70ca899607724ec3259a5b255153e86e9d/IronCross.MOV?redirect=false"

Also that private, "single-use URLs for blobs" is contradictory with this:

All Active Storage controllers are publicly accessible by default. The generated URLs are hard to guess, but permanent by design. If your files require a higher level of protection consider implementing Authenticated Controllers.

If that single-use URL is true then how can it be generated?

Improve this question
4
  • I found out that if the signed_id has an expiration_time set then after the expiration time the blob can't be found: ``` signed_id = model.video.signed_id(expires_in: 1.minute) wait.... > ActiveStorage::Blob.find_signed(signed_id) => nil ``` Where can I set the default expiration time? where can I set the expiration time if generating the url using video_tag? Commented Mar 12 at 13:48
  • According to this: https://edgeapi.rubyonrails.org/classes/ActiveRecord/SignedId.html the "default is set to not expire" ... Commented Mar 12 at 15:13
  • It turns out that the video_tag generates a url to the redirect controller without any expiration time. Then the redirect_url generates a url to the blob with 5 minutes of validity. Commented Mar 12 at 15:38
  • 1
    model.video.url is the temporary url, but you shouldn't be using it directly. rails_blob_path for redirect url, rails_storage_proxy_path for proxy url. when using helpers it is resolved to a redirect url or proxy based on configuration guides.rubyonrails.org/… Commented Mar 13 at 23:24
Related questions
0
How to serve attachments privately using Rails?
7
Change default url from Active Storage
1
Getting heroku-app url for images instead of s3.amazonaws in Active storage Rails API
Load 5 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.