I’m utilizing the Streamlit framework to develop data applications within my company. We are in the process of deploying a couple of these applications to production, and we have reached a critical phase where it is imperative to meet certain security requirements.
Our primary concern revolves around the security of the
st.audio component, as it generates a temporary URL that allows audio playback and/or download. I’ve observed that if I copy and paste the URL into an incognito session of my browser, the audio file remains accessible as long as I don’t close the tab with my app or navigate to a different page within the app. This poses a significant security risk, particularly given the high sensitivity of the data we are handling.
Is there a way to restrict this behavior? Specifically, I would like to prevent external access to these audio files and ensure they can only be accessed within my app. Currently, I am employing the
streamlit-authenticator to authenticate users and manage authorizations with assigned roles for different sections of my applications.
Do you have any ideas or suggestions on how to address this issue?