Firebase cors config

Elijah_Clarke · March 6, 2023, 11:41pm

I’m trying to configure the rules for firebase storage.

mainly to add access for appgyver preview.

this is the current script version:

rules_version = ‘2’;
service firebase.storage {
match /b/{bucket}/o {
match /{allPaths=**} {
allow read, write: if request.auth != null;

  // Add CORS configuration for web access
  allow origin: if request.method == "OPTIONS" || request.method == "GET" 
               || request.method == "HEAD" 
               || request.method == "POST" 
               && request.headers.origin == "https://preview.appgyver.com";
}

// Add access for iOS and Android app stores
match /{allPaths=**} {
  allow read: if request.auth == null && request.resource.contentType.matches('image/.*');
}

}
}

Can some one help me fix this, also help if I’m missing anything, etc. I’m not familiar at all with doing this. Thank you

Fred_Kuzyk · March 7, 2023, 8:18am

Which documentation did you follow for these rules?

Have you looked at this: Configure CORS for web - tutorial

Elijah_Clarke · March 8, 2023, 8:35am

Hey Fred,

I’m following this Firebase - Google Firebase

This is not helpful at all for a beginner.

Elijah_Clarke · March 8, 2023, 8:36am

Used chatgpt to write the script, since I’m not familiar with it