oscklm
oscklm4mo ago

using _storageId vs storing storage urls directly

How stable are the generated file storage URL´s, and could we rather than storing the _storage id field, just store the file storage URL from the start, like when a document is created and the file uploaded? Asking this because, im wondering if we could simplify a bunch of enrichments we are doing when querying documents, and their related data?
13 Replies
jamwt
jamwt4mo ago
@oscklm strongly recommend new projects implement their own http actions and don't rely on built-in storage urls they have a lot of downsides, and we'll probably try to move away from them/deprecate them over time biggest downsides are: (1) they are by design unauthenticated and they can't easily be retracted; (2) they can cause us (Convex) domain reputation issues when they're used to serve phishing content. this is bad for everyone b/c if *.convex.cloud gets impacted by reputational issues, all convex customers can be affected
oscklm
oscklmOP4mo ago
Ohh that's very interesting, never thought about that. So am i understanding correctly, that essentially we should make our own url endpoint, that resolves in some file ?? so we would expose our own convex httpAction endpoint like domain.com/image/[_storageId].webp But i actually have no clue how to implement something like that, like make a http endpoint that resolves a image.
jamwt
jamwt4mo ago
Serving Files | Convex Developer Hub
Files stored in Convex can be served to your users by generating a URL pointing
oscklm
oscklmOP4mo ago
Awesome! Wow im very excited to check out this approach. Thanks for the quick reply 🙏
jamwt
jamwt4mo ago
no problem
allen
allen4mo ago
If #1 isnt a concern of the application, and the customer is on a paid plan with a custom domain setup, is #2 still a concern? Will the planned deprecation affect this use case or just shared convex.cloud customers?
jamwt
jamwt4mo ago
yeah, we'll see -- it might be that as long as you set up domain aliasing and you're a paid customer, we don't limit this. it might be free accounts on convex.cloud and possibly even convex.site we haven't made hard decisions about this yet, and we'd definitely do it in a way that doesn't break any apps and/or gives an extended deprecation period etc the slightly longer answer as to why http actions make a difference here (even without using a custom domain) is that convex.site is listed as a rehosting domain in some official registry, as is vercel.app things like that so in theory we have better protection there in that if there is an abuse issue it's treated a little differently rather than "convex, inc. is serving this" convex.cloud though is not so serving arbitrary files there is a bit of a gotcha for us right now
allen
allen4mo ago
The position isnt unreasonable. I'm currently working on a file intensive application at the moment, so I'm interested in tracking your thinking and roadmap around this, as I'm debating where/how to host assets.
jamwt
jamwt4mo ago
yeah, I think the whole game will reset in about 4-6 weeks when components come out we have some CDN-wrapping components that are pretty sweet
allen
allen4mo ago
Oh nice. I'll wait for that announcement.
jamwt
jamwt4mo ago
@ballingt is actually building one internally that automatically gets your images into cloudflare and stuff so all the APIs stay nice and convex centric, but the component takes care of relaying content into global cdns with resampling etc etc
allen
allen4mo ago
Perfect. That's actually the direction I was leaning and was considering rolling my own. Video is on my roadmap too, but can cross that bridge when i get there, as it has its own special pile of concerns.
jamalsoueidan
jamalsoueidan4mo ago
Thats how I done it with Mongodb, upload to S3, and then generate url when requested by custom http endpoint, but it has its downside with few seconds delay, since it needs to request a url from AWS S3 and make the http redirection.

Did you find this page helpful?