I'm using firebase storage to store and load images for users on my android app. All users must be authenticated before using it. Occasionally, some user profile images are not showing and throwing "403 Forbidden" error. Those images were displaying before, I'm not sure why they stop working. i'm using the following rules on my firebase storage:
service firebase.storage {
match /b/<storage_address>.appspot.com/o {
match /{allPaths=**} {
allow read: if request.auth != null;
allow write: if request.auth != null;
}
}
}
if i change the read rule to allow read;
all the images are working properly.
This is my display method:
Picasso.Builder builder = new Picasso.Builder(this);
builder.listener(new Picasso.Listener()
{
@Override
public void onImageLoadFailed(Picasso picasso, Uri uri, Exception exception)
{
exception.printStackTrace();
}
});
builder.build().load(URL).into(imgView);
The image URL looks something like this:
https://firebasestorage.googleapis.com/v0/b/<storage_address>.appspot.com/o/images%2Fprofile%2Fphoto%2F36805?alt=media&token=e62ec151-3aaf-4e5c-aefb-1b3c93828684
Could it be something to do with the token?
builder.build().load(URL)
usingStorageReference.getDownloadUrl()
? If so, I don't know how changing the security rules would affect behavior. Access to the file through this URL is public--not controlled by the rules. – Bob Snyder