Vercel Blob now supports time-bound signed URLs for secure, scoped file operations without exposing your entire storage.
- •Each signed URL is scoped to a single operation (put, get, head, or delete), pathname, and expiry up to 7 days
- •Signatures are operation-specific, preventing GET URLs from being reused as PUT operations
- •Direct browser uploads are supported via multipart without server round-trips for large files
- •Conditional deletes use ifMatch to verify the object hasn't been overwritten since the URL was signed
- •Integrates with OIDC to keep long-lived tokens server-side while providing narrowly scoped browser URLs
This summary was automatically generated by AI based on the original article and may not be fully accurate.
Vercel
Airbnb
Spring
The Hacker News