How to get content of file from Firebase storage using GET Request

2,042 views
Skip to first unread message

Anders Forsell

unread,
May 30, 2016, 11:02:17 AM5/30/16
to Firebase Google Group
I have followed the documentation on how to download a file from Firebase Storage, https://firebase.google.com/docs/storage/web/download-files#download_data_via_url 
Using the anonymous access method I got a valid URL that I can download using the browser.

But, in my client application I want to get the content using a GET Request (XMLHttpRequest).
When trying with the same URL I am getting the response:
  1. <Code>SignatureDoesNotMatch</Code>
  2. <Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message>
I guess I am missing header info for the authentication?

Thanks,

Anders

Mike Mcdonald

unread,
May 30, 2016, 7:39:27 PM5/30/16
to Firebase Google Group
Which headers are you including? For public URLs, no authentication header is required, so you should be fine. I assume the URL only has a single parameter, ?token=<UUID>

Interestingly, this is an error from the underlying Google Cloud Storage bucket claiming that the signed URL signature is incorrect, would you mind posting the URL you're trying to download (minus the name of the bucket and the contents of the token param), plus any headers you're adding (again, with the sensitive info removed, if any) so we can check it?

Thanks,
--Mike

Anders Forsell

unread,
Jun 1, 2016, 10:58:26 AM6/1/16
to Firebase Google Group
When I included the authorization token in the header info it worked.


Header info (note that without Authorization it will give the error I mentioned):
  1. Authorization:
    Firebase eyJ...
  2. Origin:
  3. Referer:
  4. User-Agent:
    Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
  5. X-Firebase-Storage-Version:
    webjs/1.0.0

Spencer Phippen

unread,
Jun 2, 2016, 8:33:45 PM6/2/16
to Firebase Google Group
Hey Anders,

Sending some custom headers, like ones starting with "X-Goog-", can result in a SignatureDoesNotMatch error.
Usually when we've seen this error it's because someone added custom headers to the GET request.
In this case, the response should contain the unexpected headers.

For example, if I make a download request with an "x-goog-test: test" header, the response that comes back looks like
<?xml version='1.0' encoding='UTF-8'?><Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message>
<StringToSign>GET [newlines omitted]
1464917127
x-goog-test:test
/bucket/object</StringToSign></Error>

There's the header, 'x-goog-test: test' in the response.

Are you sending any custom headers, or do you see any header lines like this in your error response?
Reply all
Reply to author
Forward
0 new messages