I use Firebase Storage to put images as image space, and then link to my blog, for example:
I checked "https://firebase.google.com/support/guides/security-checklist" it is mentioned
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /{allPaths=**} {
allow read, write: if false;
}
}
}
But it doesn't seem to mention how to restrict the domain, for example: the image can only be read in example1.com, not in example2.com
There is no way inFirebase's security rules for Cloud Storage to limit the domain that can read files. You may be able to control that through Cloud Storage's configuration itself, but otherwise you'll want to look at Firebase App Check which ensures that only your own code can make API calls.
Note: if you generate a download URL for a file in Cloud Storage, access through that URL (by design) bypasses the security rules and App Check, so will always be allowed. Given your use-case "in blogs" that might apply here, but I wasn't sure.