3

We are serving private resources (images, files, ...) stored on an Azure Blob container.

Security is implemented using Shared Access Signatures, created for every request to the resource, e.g, two requests mean two different access tokens.

In general a secure URL is comprised of the file name and the token is passed as query string, e.g. https://myaccount.blob.core.windows.net/file.img?sv=2015-04-05&ss=bf&srt=s&st=2015-04-29T22%3A18%3A26Z&se=2015-04-30T02%3A23%3A26Z&sr=b&sp=rw&sip=168.1.5.60-168.1.5.70&spr=https&sig=F%6GRVAZ5Cdj2Pw4tgU7IlSTkWgn7bUkkAg8P6HESXwmf%4B

The response for the resources contains the Cache-Control header (Cache-Control:max-age=31536000?

Resources of type Image and Video are present in the website using a regular HTML's or elements.

Can resources served this way be cached by the browser?

Thanks everyone!

JCS
  • 1,071
  • 2
  • 9
  • 24
  • 1
    `How can a HTML client cache images or videos served this way?` - Do you want the HTML client (say a browser) to cache the content or not? Or is your question is whether or not the content will be cached? Please edit your question and include this. Thanks. – Gaurav Mantri Oct 24 '17 at 05:17
  • Done Gaurav, I hope now it is clear that I want resources to be cached by the browser. Thank you. – JCS Oct 24 '17 at 10:52
  • Possible duplicate of [Instructing browser cache to ignore certain URL params](https://stackoverflow.com/questions/41615716/instructing-browser-cache-to-ignore-certain-url-params), i.e. it does not seem to be possible - browsers cache based on method and URI; if you have a variable query parameter, the browser cannot retrieve it from the cache unless you use the same SAS token every time. – AndreasHassing Oct 25 '18 at 20:13
  • "unless you use the same SAS token every time", indeed! But the HTTP response was still missing the required Cache Headers. Just answered the question and included a code sample. – JCS Nov 11 '18 at 11:24

1 Answers1

5

It is possible to add cache headers to the Shared Access Signature.

This instructs Azure Blob to return the corresponding cache headers as part of the HTTP Response.

This is how you can do it in c#:

    var policy = new SharedAccessBlobPolicy();
    var headers = new SharedAccessBlobHeaders() { CacheControl = "max-age=" + MaxCacheAgeInDays * 24 * 60 * 60 };
    var blockBlob = _container.GetBlockBlobReference(name);

    var result = _baseUrl + blobName + blockBlob.GetSharedAccessSignature(policy, headers);

Hope this helps someone else.

PS: The same can be done for other HTTP headers.

JCS
  • 1,071
  • 2
  • 9
  • 24
  • Still not clear - if I add Cache Control header to SAS Url - will browser be able to cache the file even though the SAS Url will be different every time? – random one Jun 22 '23 at 17:45