The introduction of ActiveStorage in Rails 5.2
changed the way we upload or serve the attachments in a Rails application.
ActiveStorage has made it easier to integrate
use various cloud storage services.
While working with attachments,
we often come across situations where
we need to expire the URLs after a specific amount of time.
this specific change,
we had to use the service url
(referred as service_url before) to set the expiration time.
But, with the introduction of
it can be set with the redirection URL itself without using or
exposing the actual service URL.
we have a User model which has one registration attached to it.
When we create a blob URL,
it can be accessed unlimited times by anyone with the
the URL never expires.
This is a setback as it skips all the authentications and authorizations and can
be dangerous with sensitive documents.
Before rails 6
After rails 6
With this latest addition in Rails 7,
the URLs will expire at the given expiration time.
If you want to set a default expiration time for ActiveStorage URLs throughout your application,
OR in environment-specific configuration files development.rb, production.rb.