We have uploaded images in Azure Blob Storage with public access and in our Asp.Net MVC application we have showed them in this syntax:
<img src="https://xxxxx.blob.core.windows.net/image.png"/>
However, this is a security leak.Becase unauthorized users can also access all the images from browser easly. That's why, we try to use Shared Access Signatures Url for our images. But i have some questions;
Should we generate this url for every request with for small expire time?, maybe user refresh same page for 5 times each time, we should generate different url each time, isn't this a performance issue?,
Or,
Should we generate this url for long expiration time?, but in this case, how can i refresh token after expiration time?, how can i understand token is not valid no more?, and with long expiration time, can unauthorized users still access images with this url?,