Just a quick blog post (and the first for a long time) on a bit of a gotcha a discovered when upgrading an application from the Azure SDK 1.5 to 1.7.

The web site (http://www.highway125.com) uses a Shared Access Signature for secure files in Blob storage to allow customers that have purchased digital downloads to download them.

The code I have been using for around 18 months looks like the following:

publicstring GenerateSharedAccessSignatureForTrack(int trackId) { var blob = GetContainer("secure/").GetBlobReference(string.Format("{0}.mp3",trackId)); SharedAccessPolicy policy = new SharedAccessPolicy(); policy.Permissions = SharedAccessPermissions.Read; policy.SharedAccessExpiryTime = DateTime.UtcNow + TimeSpan.FromMinutes(sharedAccessLifeSpan); policy.SharedAccessStartTime = DateTime.UtcNow.AddMinutes(-1); var sas = blob.GetSharedAccessSignature(policy); return blob.Uri.AbsoluteUri + sas; }

This has always worked no problem until I upgraded to the 1.7 version of the SDK and then all of a sudden every time I tried to generate the shared access signature for the blob and use it to download the file I would get 403 Access Forbidden.

It turns out that the problem was being caused by the forward slash in:


It would appear I may have never needed this in the first place and removing it fixed the problem and the signatures worked once again.

Phew, had me worried there for a minute (well around 90 actually).