1

I am building an ASP.NET Azure Web Application (Web Role) which controls access to files stored in Azure Blob Storage. On a GET request, my HttpHandler authenticates the user and creates a Shared Access Signature for this specific file and user with a short time frame (say 30 mins). The client is a media player which checks for updated media files using HEAD, and if the Last-modified header differs, it will make a GET request. Therefore I do not want to create a SAS url but rather return LAst-modified, Etag and Content-length headers in response to the HEAD request. Is this bad practice? In case the file is up to date, there is no need to download the file again and thus no need to create a SAS url.

Example request: 

GET /testblob.zip
Host: myblobapp.azurewebsites.net
Authorization: Zm9v:YmFy

Response: 

HTTP/1.1 303 See other
Location: https://myblobstorage.blob.core.windows.net/blobcontainer/testblob.zip?SHARED_ACCESS_SIGNATURE_DATA

Any thoughts?

ulvesked
  • 429
  • 3
  • 11

1 Answers1

0

Is there a specific reason to force the client to make a HEAD request first? It can instead authenticate using your service, get a SAS token, make a GET request using If-Modified-Since header against Azure Storage, and download the blob only if it was modified since the last download. Please see Specifying Conditional Headers for Blob Service Operations for more information on conditional headers that Azure Storage Blob service supports.

Serdar Ozler
  • 3,752
  • 17
  • 24
  • The client is a proprietary (closed) device and I can't modify the client software. – ulvesked Oct 02 '14 at 06:02
  • I implemented the service so that HEAD requests returns the Last-Modfied header (which the client device expects) so it can determine whether or not to make a GET request. On a GET request, i generate a SAS token and redirect to azure blob service. It works great. Question is: Is there a better way? I have all file metadata in my DB so on a HEAD request I don't need to connect to to Azure. – ulvesked Oct 02 '14 at 06:08