Security News
Node.js TSC Votes to Stop Distributing Corepack
Corepack will be phased out from future Node.js releases following a TSC vote.
By Sarah Gooding - Mar 19, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
strapi-provider-upload-azure-storage
Advanced tools
strapi-provider-upload-azure-storage
If you're interesting in helping maintain the package please shoot me a message. Thanks - Jake
Looking for additional maintainer
If you're interesting in helping maintain the package please shoot me a message. Thanks - Jake
Strapi Provider Upload Azure Storage
Plugin enabling image uploading to azure storage from strapi.
Getting Started
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.
Prerequisites
- strapi@4.0.0+
Installing
Inside your strapi project run the following
yarn add strapi-provider-upload-azure-storage
# or
npm install strapi-provider-upload-azure-storage
Usage
To enable the provider, create or edit the file at ./config/plugins.js.
This is an example plugins.js file for Azure storage:
module.exports = ({ env }) => ({
upload: {
config: {
provider: "strapi-provider-upload-azure-storage",
providerOptions: {
authType: env("STORAGE_AUTH_TYPE", "default"),
account: env("STORAGE_ACCOUNT"),
accountKey: env("STORAGE_ACCOUNT_KEY"),//either account key or sas token is enough to make authentication
sasToken: env("STORAGE_ACCOUNT_SAS_TOKEN"),
serviceBaseURL: env("STORAGE_URL"), // optional
containerName: env("STORAGE_CONTAINER_NAME"),
defaultPath: "assets",
cdnBaseURL: env("STORAGE_CDN_URL"), // optional
defaultCacheControl: env("STORAGE_CACHE_CONTROL"), // optional
removeCN: env("REMOVE_CONTAINER_NAME"), // optional, if you want to remove container name from the URL
},
},
},
});
// For using azure identities, the correct authType is 'msi' or (provide it in the environment variable)
module.exports = ({ env }) => ({
upload: {
config: {
provider: "strapi-provider-upload-azure-storage",
providerOptions: {
authType: 'msi',
account: env("STORAGE_ACCOUNT"),
clientId: env("STORAGE_AZURE_CLIENT_ID"), // optional
serviceBaseURL: env("STORAGE_URL"), // optional
containerName: env("STORAGE_CONTAINER_NAME"),
defaultPath: "assets",
cdnBaseURL: env("STORAGE_CDN_URL"), // optional
defaultCacheControl: env("STORAGE_CACHE_CONTROL"), // optional
removeCN: env("REMOVE_CONTAINER_NAME"), // optional, if you want to remove container name from the URL
},
},
},
});
| Property | Required | Description |
|---|---|---|
| authType | true | Whether to use a SAS key ("default") or an identity ("msi") |
| account | true | Azure account name |
| accountKey | if 'authType 'default' | Secret access key |
| clientId | false (consumed if 'authType 'msi') | Azure Identity Client ID |
| sasToken | false | SAS Token, either accountKey or SASToken is required if 'authType is 'default' |
| serviceBaseURL | false | Base service URL to be used, optional. Defaults to https://${account}.blob.core.windows.net |
| containerName | true | Container name |
| defaultPath | true | The path to use when there is none being specified. Defaults to assets |
| cdnBaseURL | false | CDN base url |
| defaultCacheControl | false | Cache-Control header value for all uploaded files |
| removeCN | false | Set to true, to remove container name from azure URL |
Security Middleware Configuration
Due to the default settings in the Strapi Security Middleware you will need to modify the contentSecurityPolicy settings to properly see thumbnail previews in the Media Library. You should replace strapi::security string with the object bellow instead as explained in the middleware configuration documentation.
To allow the azure storage content to be displayed, edit the file at ./config/middlewares.js.
You should replace the strapi::security string with the object below instead, see the Middlewares configuration documentation for more details.
./config/middlewares.js
module.exports = [
// ...
{
name: "strapi::security",
config: {
contentSecurityPolicy: {
useDefaults: true,
directives: {
"connect-src": ["'self'", "https:"],
"img-src": [
"'self'",
"data:",
"blob:",
"dl.airtable.com",
"https://market-assets.strapi.io",
/**
* Note: If using a STORAGE_URL replace `https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net` w/ process.env.STORAGE_URL
* If using a CDN URL make sure to include that url in the CSP headers process.env.STORAGE_CDN_URL
*/
`https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net`,
],
"media-src": [
"'self'",
"data:",
"blob:",
"dl.airtable.com",
/**
* Note: If using a STORAGE_URL replace `https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net` w/ process.env.STORAGE_URL
* If using a CDN URL make sure to include that url in the CSP headers process.env.STORAGE_CDN_URL
*/
`https://${process.env.STORAGE_ACCOUNT}.blob.core.windows.net`,
],
upgradeInsecureRequests: null,
},
},
},
},
// ...
];
serviceBaseURL is optional, it is useful when connecting to Azure Storage API compatible services, like the official emulator Azurite. serviceBaseURL would then look like http://localhost:10000/your-storage-account-key.
When serviceBaseURL is not provided, default https://${account}.blob.core.windows.net will be used.
cdnBaseURL is optional, it is useful when using CDN in front of your storage account. Images will be returned with the CDN URL instead of the storage account URL.
defaultCacheControl is optional. It is useful when you want to allow clients to use a cached version of the file. Azure storage will return this value in the Cache-Control HTTP-header of the response.
removeCN is optional. Some azure account configurations are such that they exclude 'container name' from the URL at which data is saved. It is by default set to false, if you want to remove container name from URL, set it to 'true'.
Contributing
Contributions are welcome
Versioning
We use SemVer for versioning. For the versions available, see the tags on this repository.
Authors
- Jake Feldman - Initial work - jakeFeldman
License
This project is licensed under the MIT License - see the LICENSE.md file for details
Acknowledgments
- strapi.io
- Azure
FAQs
If you're interesting in helping maintain the package please shoot me a message. Thanks - Jake
The npm package strapi-provider-upload-azure-storage receives a total of 2,561 weekly downloads. As such, strapi-provider-upload-azure-storage popularity was classified as popular.
We found that strapi-provider-upload-azure-storage demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 06 Feb 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Black Basta’s Dependency Confusion Ambitions and Ransomware in Open Source Ecosystems
Research uncovers Black Basta's plans to exploit package registries for ransomware delivery alongside evidence of similar attacks already targeting open source ecosystems.
By Kirill Boychenko - Mar 19, 2025
Security News
Oxlint Now in Beta with 500+ Built-in Rules and 2X Faster JavaScript Linting
Oxlint's beta release introduces 500+ built-in linting rules while delivering twice the speed of previous versions, with future support planned for custom plugins and improved IDE integration.
By Sarah Gooding - Mar 18, 2025