问题描述
将CDN添加到私有Blob存储帐户-这样即使一段时间没有SAS也可以公开访问我的所有文件吗?与文档措辞相混淆,实际上只希望使用HTTPS的自定义域不关心缓存.
Adding CDN to private blob storage account — does this make all my files publicly accessible even without SAS for a period of time? Confused by documentation wording, really only want custom domain with HTTPS not interested in caching.
我想使用自定义域https://myprettylittleblob.mycompany.com
I want to access my blobs at https://myprettylittleblob.blob.core.windows.net using my custom domain https://myprettylittleblob.mycompany.com
我正在遵循此文档https://docs.microsoft.com/zh-cn/azure/storage/blobs/storage-https-custom-domain-cdn
I am following this documentation https://docs.microsoft.com/en-us/azure/storage/blobs/storage-https-custom-domain-cdn
在此其他相关文档中https://docs.microsoft.com/zh-cn/azure/cdn/cdn-storage-custom-domain-https
In this other related documentation https://docs.microsoft.com/en-us/azure/cdn/cdn-storage-custom-domain-https
我对这一行感到困惑,"Azure CDN忽略了添加到SAS令牌的任何限制.例如,所有SAS令牌都有一个过期时间,这意味着在过期内容从CDN存在点清除之前,仍可以使用过期的SAS访问内容. (POP)服务器."
I'm confused by this line "Azure CDN ignores any restrictions added to the SAS token. For example, all SAS tokens have an expiration time, which means that content can still be accessed with an expired SAS until that content is purged from the CDN point-of-presence (POP) servers."
这是说一旦我的受保护文件可以通过CDN上的SAS令牌访问,任何人都可以使用1个小时(或我设置的任何时间),直到将其清除为止?还是它仍然需要SAS令牌才能访问现在缓存的文件?
Is this saying that once my protected file is access using a SAS token over the CDN, it is available to anyone for 1 hour (or whatever I set) until it is purged? Or does it still need the SAS token to access the now cached file?
推荐答案
您的内容将无法公开访问,但是如果CDN仍在缓存中,则已经拥有有效URL的人可能可以访问比其预期时间更长的内容.您可以通过清除POP服务器中的内容来手动停止此操作.
Your content will not be publically accessible, but someone who already has valid URL might be able to access something for longer than intended if it is still cached by the CDN. You can manually stop this by purging the content from the POP servers.
这篇关于将CDN添加到私有Blob存储帐户-这样可以公开访问我的所有文件吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!