I want to know what the difference is between blob:
vs 'self' blob:
. Will 'self' blob:
pass all blob or just source from self?
Use case: Export functionality for my application is failing and adding 'self' blob:
helps.
But can this have any security implications?
I'm looking for
'self' blob:
vs blob:
blob:
'self' blob:
What’s the Difference?
• blob:: This lets your app use any blob: URLs, no matter where they come from. It’s like a catch-all.
• self blob:: This restricts your app to only use blob: URLs that come from your own site. It’s a bit more controlled.
Security Implications:
• blob:: Since it’s open to any source, it can be risky. If some malicious blob URL gets in, it can do bad stuff, like stealing data or running harmful code.
• self blob:: This is safer because it only allows blob: URLs from your own site. It’s harder for bad guys to sneak in something harmful.
Your Use Case:
If adding self blob: fixes your export functionality, it’s likely because your app needs to be sure it’s only dealing with its own blob: data. This limits exposure to external threats and makes your app more secure.
So, using self blob: is a good move for security, as it helps prevent unwanted stuff from messing with your app. Just make sure your blob: URLs are correctly generated by your own site.
Hope this helps!